Wordpress security update - password change and discount coupon

Just got this mail from wordpress asking me to change my password. They also offered a 15% discount on their services as a Sorry coupon.. :!

I just wonder how many accounts were affected and what was the exact issue. Hope it wasn't saved in cleartext!

And yes, its a legit email. Just be careful that the link you get finally ends up in https://wordpress.com.

Also, it doesn't ask you to enter your old password but just new password.

Well, I ve changed my password here, but where else is it? Thankfully its one of my lesser used password..

WordPress.com ✆ passwordcoupon@wordpress.com to me

show details 4:43 AM (1 hour ago)

Hello h4ck@lyst,

We recently found and fixed a mistake that we’d like to tell you about. Passwords on WordPress.com are saved in a way that makes them extremely secure, such that even our own employees are unable to see your actual password – the one you enter to login to your WordPress.com account. However, between July 2007 and April 2008, and September 2010 and July 2011, a mistake in one of our systems used to find and correct bugs on WordPress.com accidentally logged some users’ passwords in a less secure format during registration.

We’ve updated our systems to prevent passwords from being logged this way in the future, so this will not happen again. We don’t have any evidence that this data has been accessed maliciously or misused, but to be on the safe side we are resetting your password since your account is among those affected.

Please change your password using this link or copy and paste the URL below into your web browser:


If the password you used when you registered on WordPress.com was one you use elsewhere, you should change it there, too. In the future, remember that it’s good practice to always use unique passwords for different services.

We are terribly sorry about this mistake. No one likes having to create new passwords and we’d like to include a 15% off coupon to say we’re sorry. The coupon can be used for a custom domain, a design upgrade, VideoPress, or a storage space increase. Just use the code below on any of the upgrades on the WordPress.com Store:


If you have any questions, please reply to this email and one of our Happiness Engineers will get back to you as soon as possible.

Thank you,
The WordPress.com Team


WordPress.com | Thanks for flying with WordPress!

Written on August 19, 2011