Nowadays, most WordPress users use simple week passwords. The result of using a password like this will end up with security hols for your website. Because many of the hackers can easily creak those with minimal effort. To avoid this problem there are some plugins like Password Policy Manager For WordPress.
Contents
Why require a password policy manager for WordPress.
Everybody knows there is a password generator in WordPress by default. You can see that in the installation of WordPress, user profile creation, and the user registration process.
Of course, it generates strong, complex passwords. But have you seen there is an option called “confirm use of week password”.
If someone uses this option on a site like an online store or membership site, that will be a serious security problem for the WordPress site.
We want to enforce a strong password generator in WordPress to avoid this problem.
Password policy manager for WordPress
In this case, password policy manager comes handy. For this, you have to install a password policy manager for WordPress and activate it.
If you want, you can learn how to install it on WordPress in our YouTube video. Those videos are less than 5minuts long. So you can learn overall of plugins very quickly. If you like the video, please like the video and hit subscribe button. If you hit the bell icon, you can get a notification about future videos.
Ok, once you finish installation, activate the plugin.
Now let’s go to the password policy page and click “Enable password policies”.
Under the Site-wide policies section, you can change several important options for the password.
What is in the password policy section you can change,
- How many minimum characters password must contain.
- Mix of upper and lower case letters.
- Contain special characters
In here you get an option to exclude special characters from the above list.
And another perfect option, which is password expires automatically after your given time period.
SO if you scroll down some more, you can find more options.
- Disable inactive account after a given time period.
- Disallow old password on reset.
- Reset the password on the first login.
- Disable sending of password links.
- Also, you can set fail logging attempts before locking the account.
Does this setting affect all users, or can we set it individually for different user groups?
Of course, those will affect all the users by default. But there is some option to set up policies separately by user groups like administrators, editors, authors, etc.
So you don’t want to worry about your password security in WordPress anymore. This will direct users to create a strong password from now on.
Still, you have to do strong passwords in login forms and custom user registration. Read how to use a strong password on custom user registration and login forms.
Conclusion
Now you know why we need a plugin like a password policy manager for WordPress.
Also, you know how to use it for your websites.
I already tested and used those plugins for my websites before creating this article. As you can see the video about plugins in my youtube video. If you have any questions, please comment below. I’ll try my best to answer them as soon as possible.