How to Enforce Strong Passwords in WordPress

By WP Saviour •  Updated: 10/29/20 •  3 min read

One space of safety many WordPress customers neglect is passwords. Certainly you’ve heard that utilizing stronger passwords can assist cut back the chance of your WordPress weblog or person accounts turning into compromised. However are you aware how one can implement robust passwords for all customers?

Should you  enable customers to register in your WordPress weblog you’ll you’ll have observed that since WordPress 4.three higher passwords have been accessible. However whereas this makes it straightforward for customers to create or reset their account with a powerful password it doesn’t have any password power necessities. That is the place a plugin can turn out to be useful to assist enhance WordPress safety.

Implement Robust Passwords in WordPress with iThemes Safety


View The DemoLearn Extra & Obtain

To implement robust passwords in WordPress and to make sure customers create stronger passwords from the start we suggest the iThemes Safety plugin. It does much more than implement robust passwords, however let’s focus in on simply that one perform for for now.

Configuring Implement Stronger Passwords

First you’ll want to put in the plugin. That is simply completed out of your WordPress dashboard by going to Plugins > Add New and trying to find “iThemes safety.” It ought to be the primary outcome, so simply click on to put in and activate the plugin.


With the plugin energetic click on on the brand new Safety menu merchandise in your dashboard to entry your iThemes Safety settings. As talked about there are a TON of superior safety choices. However for now click on on the “Configure settings” button for Password Necessities.


This can open a popup the place you may verify a field to allow the iThemes Safety power robust passwords function. You can too select a minimal person function to use this rule to. That is mainly the function or greater that can implement robust passwords.

Relying in your web site you may need to power all customers to make use of robust passwords, wherein case you’d choose the “subscriber” function. However when you require of us to signup for a subscriber account to obtain freebies chances are you’ll not need to discourage them by requiring a powerful password. On this case, it may be higher to easily apply the requirement to contributors and above.

Simply save your settings and you need to be good to go. Now when customers register or go to replace their password they’ll be pressured to pick a powerful password.


If a person makes an attempt to make use of something aside from a powerful password they need to see the above warning. This informs them to basically strive once more with one thing a bit stronger.

Should you improve to iThemes Safety Professional you’ll even have entry to Malware scans, Google reCAPTCHA, person motion logs, robust password generator, password expiration and the choice to allow 2-factor authentication for WordPress. Mainly a complete arsenal of safety hardening options.

In Abstract

By implementing robust passwords in WordPress you cut back the possibilities of accounts being compromised by a brute power assault. It additionally helps hold visitor and administrator accounts safer in your WordPress weblog.

Fortunately that is straightforward once you use a plugin like iThemes Safety, WordFence and even Power Robust Passwords. Implementing any of those plugins applies to new accounts or passwords going ahead, and is an effective way to bolster your web site safety. Simply you’ll want to remind authors or present customers to additionally give their password and replace.

gp-3010959 as-6404007

WP Saviour

I am a WordPress specialist. My mission is to help you create beautiful websites with ease!