Plugin key benefits & features

Enforce Strong Passwords

Easily enable password policies and enforce the use of strong passwords on your WordPress websites within seconds!

Block Failed Login Attempts

Automatically block users with too many failed login attempts to protect your website & users from successful password and dictionary attacks.

WooCommerce Ready

Do you have a subscription or eCommerce business powered website with WooCommerce? Enforce policies on shop managers, subscribers & customers with just a few mouse clicks.

Supports Custom Login Pages

Do you use custom login pages on your WordPress website? No problem! Strong password policies can still be enforced via custom login and password reset forms.

Supports Third Party Plugins

Our plugin fully supports third party e-commerce, membership, subscription and any other type of user management plugins right out of the box.

Multisite Network Compatible

Enforce strong password policies at network level so no user jeopardizes the security of your multisite network.

Configurable Password Policies

All the password policies are configurable. You can configure policies for password length, history, complexity, use of special characters and many others.

Automatically Lock Inactive Users

Inactive users are an easy prime target for malicious hackers. Our plugin automatically identifies & locks inactive users to help you protect your website. It also alerts you about them.

Password Policies per User Role

Configure different password policies for different user roles, including custom ones. You can also exclude a specific user, or user role from all the policies.

1-Click Reset All Passwords

Reset all of the password and terminate all logged in sessions with just 1 click in case of suspicious activity. All users receive clear instructions on how reset their passwords, making this an easy process.

First Time Login Password Change

Configure policies so your users, customers & subscribers reset their password the first time they login to your website, eCommerce store or service portal.

A Well-built Secure Plugin

The plugin uses WordPress’ own and built-in mechanism for handling passwords, and does not send any passwords over emails, ensuring optimum security.

Easy to Use Plugin

WPassword is very easy to use. It uses the same WordPress look & feel so you do not have to learn a new system. There is no learning curve.

Boost your Website's Security

The security defenses of your WordPress website are as strong as the users' weakest password. Therefore by enforcing strong password policies you boost the security of your website.

Weekly summary email

Configure the plugin to send a weekly email with a summary of password activity including inactivity lockouts, failed logins, and password resets.

Disable password reset requests

Keep your website secure by disabling the password reset request link, requiring users to manually ask for a new password should this be required.

Ensure WordPress Password Security


The main culprit of WordPress hack attacks are weak passwords. Users always use weak passwords, even though WordPress auto suggests strong passwords.

Unless you enforce strong password with policies your users’ weak passwords put your website and business at risk. WPassword was developed to address this problem – it helps WordPress website owners and administrators ensure their users use strong and unguessable passwords.

Learn more on why you need to enforce strong password policies on your WordPress

What are customers saying about WPassword?

Awesome support. Emailed me a code change within 2 days. (maybe less because of time differences). This is EXACTLY what I need to keep all the users of an intranet using STRONG passwords.

- FreshIdeas Marketing Solution

This is a great plugin to enforce password policies on wordpress sites. I had questions on enabling the plugin for my usage and I am impressed by the responsive & great support from Robert. Thank you very much!

- Leonard Cheok

The features offered in this plugin should really be consider for inclusion within core. It has the potential to secure so many sites. I know it can be annoying to change your password every x days, but this plugin really makes implementing a security policy easy within WordPress. I’m installing it on all client sites now.

- Chad