Menu
iThemes
WordPress Security, Backups & Maintenance
iThemes Security Pro log, a shield with a person inside of it.

WordPress Password Security

Pro Features Weekly WP Vulnerability Report Buy Pro Now

Your WordPress security is only as good as your WordPress password security. If you have a simple password, you have a simple site to hack.

WordPress Password Security Basics

Your WordPress password should meet the following requirements:

  • Include numbers, capitals, special characters (@, #, *, etc.)
  • Be long (10 characters – minimum; 50 characters – ideal)
  • Can include spaces and be a passphrase (Just don’t use the same password in multiple places)
  • Change passwords every 120 days, or 4 months

Enforce Strong WordPress Passwords

The iThemes Security plugin allows you to enforce strong WordPress passwords for all the users on your site.

  1. From the WordPress dashboard, expand the iThemes Security menu.
  2. Click the Settings link.
  3. From the drop-down menu, click Strong Passwords.WordPress password security
  4. From this section, check the Enable strong password enforcement.
  5. Select the minimum role at which a user must choose a strong password (Administrator, Editor, Author, Contributor, Subscriber)
  6. Click the Save All Changes button.

Generate Strong WordPress Passwords

After enabling strong password enforcement from the iThemes Security dashboard, visit any user profile page. In the Account Management section, you can generate a strong password with just one click.
wordpress password generator plugin

WordPress Password Expiration

With iThemes Security Pro plugin, you can enable WordPress password expiration. We recommend changing passwords every 120 days, or 4 months, and with this setting, you can force users to change their passwords after a certain number of days.

  1. From your iThemes Security Pro Dashboard, visit the Pro tab.
  2. Click Enable password expiration.wordpress password plugin
  3. Once you’ve enabled password expiration, can select the minimum role for password expiration. You can also choose to force a periodic password change and even set the maximum password age (the number of days a password can be in use before requiring a new one).
  4. Click the Save All Changes button.

Get WordPress Password Security with iThemes Security Pro Now

See the 30+ ways iThemes Security protects your WP sites. Pro users can take advantage of features like ticketed support, Malware Scanning and WordPress Password Expiration.

Get iThemes Security Pro

Get the Weekly WordPress Vulnerability Report

Vulnerable WordPress plugins and themes are the #1 reason WordPress sites get hacked, but keeping track of every new plugin and theme vulnerability is hard work. Get the weekly WordPress Vulnerability Report delivered right to your inbox to help keep your website secure.

Get the Report
Copy link
CopyCopied
Powered by Social Snap