Skip to content
WordPress.org
  • Showcase
  • Plugins
  • Themes
  • Hosting
  • News
    • Learn WordPress
    • Documentation
    • Education
    • Forums
    • Developers
    • Blocks
    • Patterns
    • Photos
    • Openverse ↗︎
    • WordPress.tv ↗︎
    • About WordPress
    • Make WordPress
    • Events
    • Five for the Future
    • Enterprise
    • Gutenberg ↗︎
    • Job Board ↗︎
    • Swag Store ↗︎
  • Get WordPress
Get WordPress
WordPress.org

Plugin Directory

EffortLess Temporary Secure Login

  • Submit a plugin
  • My favorites
  • Log in
  • Submit a plugin
  • My favorites
  • Log in

EffortLess Temporary Secure Login

By domclic
Download
  • Details
  • Reviews
  • Installation
  • Development
Support

Description

EffortLess Temporary Secure Login lets an administrator create a time-limited login link for a developer or support person, without ever sharing a password. Choose a role, choose an expiry, copy the link. The link auto-expires (deleting the temporary account and destroying its sessions) or can be revoked instantly.

Installation

  1. Upload the plugin files to /wp-content/plugins/effortless-temporary-secure-login, or install directly through the WordPress plugins screen.
  2. Activate the plugin.
  3. Go to Users > Temporary Logins to create your first temporary login.

FAQ

Does this share my real password?

No. The plugin creates a separate, disposable WordPress user account and authenticates the recipient via a secure signed link — no password is ever shared or stored in plain text.

What happens when a temporary login expires?

The account is automatically logged out, its sessions destroyed, and the underlying WordPress user account deleted. The event stays visible in the plugin’s activity log.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“EffortLess Temporary Secure Login” is open source software. The following people have contributed to this plugin.

Contributors
  • domclic

Translate “EffortLess Temporary Secure Login” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.1.2

  • Fixed: a temporary login’s granted Super Admin status was never actually revoked on expiry, revoke, or uninstall — revoke_super_admin() was called with the temporary account’s username instead of its numeric user ID (which WordPress core silently ignores), and the uninstall routine didn’t call it at all.
  • Fixed: network-activating the plugin on a multisite install with existing sites only provisioned the tables/cron for one site; every other existing site never got its eltsl_logins/eltsl_activity tables.
  • Fixed: sites that only got provisioned via the lazy per-site upgrade path never had the hourly expiry sweep scheduled.
  • Fixed: uninstall only cleaned up the first 100 sites on a large network (missing number => 0 on the site query).
  • Fixed: an unparseable custom expiry date silently created an already-expired login instead of falling back to the default duration.
  • Improved: front-end token verification now looks up the matching login by its indexed token hash instead of scanning and re-hashing every active login.
  • Improved: the Network Admin list table no longer re-resolves a site’s URL once per row, and skips the lookup entirely for sites with no logins.
  • Refactored: the per-site and network-wide list tables now share their column-rendering and revoke-link logic instead of duplicating it.

1.1.1

  • Fixed a 404 when generating or revoking a temporary login from Network Admin — the create form and revoke links pointed at wp-admin/network/admin-post.php, which doesn’t exist; admin-post.php is a shared handler that always lives at wp-admin/admin-post.php.

1.1.0

  • Added a Network Admin > Users > Temporary Logins page (multisite) with a site picker to create a temporary login for any site in the network, plus a combined list/revoke table across every site.
  • Added an option (Network Admin only, visible only to an existing Super Admin) to also grant the temporary account real Super Admin rights for the login’s lifetime, cleanly revoked via revoke_super_admin() on expiry or manual revoke.
  • Existing installs are upgraded automatically (adds the is_super_admin column to the logins table).

1.0.3

  • Set Author to domclic (Donate link intentionally stays https://id7.dev/donate/, per project convention).

1.0.2

  • Renamed to “EffortLess Temporary Secure Login” and set Contributors to domclic.
  • Fixed Plugin Check findings: prefixed template loop variables in the admin view, and switched the direct-file-access guard in helpers.php/class-eltsl-secret.php to the standard ABSPATH-only check (recognized by automated scanners) — test loading now sets ABSPATH itself instead of a separate testing constant.

1.0.1

  • Fixed multisite: sites created after Network Activation now get their tables and cron sweep provisioned automatically, and network-wide uninstall now cleans up every site instead of only the current one.

1.0.0

  • Initial release.

Meta

  • Version 1.1.2
  • Last updated 12 hours ago
  • Active installations Fewer than 10
  • WordPress version 6.2 or higher
  • Tested up to 7.0.1
  • PHP version 7.4 or higher
  • Tags
    loginpasswordlesssecuritysupporttemporary access
  • Advanced View

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

  • domclic

Support

Got something to say? Need help?

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin

  • About
  • News
  • Hosting
  • Privacy
  • Showcase
  • Themes
  • Plugins
  • Patterns
  • Learn
  • Documentation
  • Developers
  • WordPress.tv ↗
  • Get Involved
  • Events
  • Donate ↗
  • Five for the Future
  • WordPress.com ↗
  • Matt ↗
  • bbPress ↗
  • BuddyPress ↗
WordPress.org
WordPress.org
  • Visit our X (formerly Twitter) account
  • Visit our Bluesky account
  • Visit our Mastodon account
  • Visit our Threads account
  • Visit our Facebook page
  • Visit our Instagram account
  • Visit our LinkedIn account
  • Visit our TikTok account
  • Visit our YouTube channel
  • Visit our Tumblr account
Code is Poetry
The WordPress® trademark is the intellectual property of the WordPress Foundation.