Let’s say that you are running a WordPress site with a lot of users; say a Multisite or BuddyPress site. If your website gets hacked, the first thing you should do is reset password for all users and notify them about their new passwords. As you can imagine this can take a long time if you have a lot of users. Fortunately, there is  a  plugin for that. Here’s how:

  1. First thing you need to do is install and activate the Emergency Password Reset plugin.
  2. Once you have activated the plugin, go to Users » Emergency Password Reset and click on the Reset all passwords button. The plugin will automatically reset passwords for all users (including the admin user who initiated the password reset) and send an email to all users containing their new password.  Pretty awesome, right?
  3. After resetting all passwords, we recommend that you change your WordPress security key also known as SALTs. Changing the security key will end all sessions for logged in users, so if a hacked user was logged in, then they will automatically be logged out.