Plugin Directory

WP Password Policy Manager

Configure WordPress password policies to ensure all WordPress users use strong passwords and improve the security of your WordPress.

0.7 (2015-02-27)

  • New Feature

    • Added nonces to the plugin form to avoid an issue where an attacker could trick an authenticated / logged in user to reset all passwords or make other changes.
  • New Translations

    • The following translatoins have been added; Italian, Dutch, Polish and Serbo-Croatian.

0.6 (2015-01-13)

  • New Features

0.5 (2014-12-8)

  • New Features

    • Administrators can now enforce a user to specify the current password in profile page when changing the password - Administrators are exempt from this requirement so they can easily reset other users' password. Thanks to Jens Nilson for recommending this feature and for helping in developing it.
  • Improvements

    • Removed the need to write to /js/wppmpp.tmp.js and using built-in wp_localize_script. Update by Jens Nilson
  • Bug Fixes

    • Fixed an issue when user was redirected to password reset page when an incorrect user was specified
    • Fixed

0.4 (2014-12-1)

  • Bug Fix
    • Fixed an issue where the password was not being reset properly when changed by the admin on a user's profile page
    • Fixed an issue where user who entered incorrect password and had an expired password he was still automatically redirected to password reset page

0.3 (2014-11-24)

  • New Plugin Features

    • Password policies now also enforced in WordPress user profile page therefore when a user changes his own or someone's else password from the profile page he should adhere to the policies
    • Password policies now also enforced in "WordPress Lost Password" page, therefore when a user uses the "Lost Password" link in the login the new password should adhere to the policies
    • Added Reset All Passwords functionality - administrators can reset the passwords of all users with just 1 click (email is sent to all users with new password and once they login they should change their password again)
    • Excempt users and roles from policies - administrators can excempt users and roles from the password policies
    • Added link to Password Policies in the WordPress plugins page
  • New Password Policy

    • Password history - if enabled the plugin will remember a configurable number of previous passwords the WordPress user already used to avoid using the same password
  • Bug Fix

0.2 (2014-02-25)

  • New Password Policies

    • Password length policy - specify the minimum length a user's password should be
    • Mixed case policy - if enabled users should use both lower and UPPERcase characters in their passwords
    • Numeric digits policy - if enabled users should use numeric digits in their passwords
    • Special characters policy - ie enabled users should use special characters in their passwords
  • New Plugin Features

    • Added list of enabled policies in password reset page for users to follow when writing a new password
    • Added a popup notification box so after install administrators can immediately configure the password policies

0.1 (2014-01-15)

  • Initial release

Requires: 3.6.0 or higher
Compatible up to: 4.1.3
Last Updated: 2015-2-27
Active Installs: 1,000+


4 out of 5 stars


0 of 6 support threads in the last two months have been resolved.

Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.

100,2,2 100,1,1