How to Force Strong Password on Users in WordPress

How to Force Strong Password on Users in WordPress
Chelsea Gray

We have already noticed other sites requiring their users to have a strong password. Bluehost requires their users to have a strong password for email in cPanel. Arstechnica wrote a great article on why passwords have never been weaker — and crackers have never been stronger. While WordPress has a password strength meter that shows user how strong their password is, it does not enforce the strength. Having an administrator or editor level user with a weak password can present a security risk. In this article, we will show you how to force strong passwords on users in WordPress.

How to Force Strong Password on WordPress Users
Stefania Deaton

When you have a WordPress site on which any user can register, you can make it a vibrant and diverse community fairly quickly. However, this also brings with it a security problem. When any user can set his/her own password, there is a high probability that they can set a weak password. If a hacker gets hold of this weak password, he/she can take over your complete site in just a few minutes. This can cause great havoc to your online community, with even a possibility that you may not be able to revive it. Since you cannot rely on users to set strong passwords by themselves, it is better instead to just force strong password on WordPress users.

Force Strong Passwords on Users to Improve WordPress Security
Marlana Peralta

You can also configure how long can a password be used from the Password Expiration Policy, also known as password age. When passwords automatically expire users have to change them and avoid using the same password for months and years. You can also configure the password history policy in the plugin. The password history setting determines the number of unique new passwords users have to use before they can reuse an old password.

How to Enforce Strong Passwords in WordPress
Shavon Peoples

Depending on your website you might want to force all users to use strong passwords, in which case you’d select the “subscriber” role. But if you require folks to signup for a subscriber account to download freebies you may not want to discourage them by requiring a strong password. In this case, it might be better to simply apply the requirement to contributors and above.

How to Force Strong Password on Users in WordPress
Monnie William

Some sites out there are requireing their users to have a strong password such as Bluehost. There are a plethora of reasons to have a stong password it is sometimes easeir for your users to use weak passwords. In this video, we will show you how to force strong passwors on users in WordPress.
Grace Smith

Modifies the array of roles that are considered «weak», and for which strong password enforcement is skipped when creating a new user. In this situation, the user object has yet to be created. This means that there are no capabilities to go by. Because of this, Force Strong Passwords has to use the role that has been set on the Add New User form.

Be the first to comment

Leave a Reply

Your email address will not be published.