Your WordPress security is only as good as your WordPress password security. If you have a simple password, you have a simple site to hack.
WordPress Password Security Basics
Your WordPress password should meet the following requirements:
- Include numbers, capitals, special characters (@, #, *, etc.)
- Be long (10 characters – minimum; 50 characters – ideal)
- Can include spaces and be a passphrase (Just don’t use the same password in multiple places)
- Change passwords every 120 days, or 4 months
Enforce Strong WordPress Passwords
The iThemes Security plugin allows you to enforce strong WordPress passwords for all the users on your site.
- From the WordPress dashboard, expand the iThemes Security menu.
- Click the Settings link.
- From the drop-down menu, click Strong Passwords.
- From this section, check the Enable strong password enforcement.
- Select the minimum role at which a user must choose a strong password (Administrator, Editor, Author, Contributor, Subscriber)
- Click the Save All Changes button.
Generate Strong WordPress Passwords
After enabling strong password enforcement from the iThemes Security dashboard, visit any user profile page. In the Account Management section, you can generate a strong password with just one click.
WordPress Password Expiration
With iThemes Security Pro plugin, you can enable WordPress password expiration. We recommend changing passwords every 120 days, or 4 months, and with this setting, you can force users to change their passwords after a certain number of days.
- From your iThemes Security Pro Dashboard, visit the Pro tab.
- Click Enable password expiration.
- Once you’ve enabled password expiration, can select the minimum role for password expiration. You can also choose to force a periodic password change and even set the maximum password age (the number of days a password can be in use before requiring a new one).
- Click the Save All Changes button.
Get WordPress Password Security with iThemes Security Pro Now
See the 30+ ways iThemes Security protects your WP sites. Pro users can take advantage of features like ticketed support, Malware Scanning and WordPress Password Expiration.