內容簡介
WP Password Policy 讓您為 WordPress 網站上的所有用戶定義並強制執行密碼政策。透過簡單的設定頁面,您可以設置密碼長度、複雜性、到期時間等規則,確保用戶的密碼符合安全標準。
【主要功能】
• 設定最低和最高密碼長度
• 強制密碼複雜性規則
• 密碼到期定期更新
• 需確認當前密碼才能更改
• 支援多站點網路
外掛標籤
開發者團隊
📦 歷史版本下載
原文外掛簡介
WP Password Policy lets you define and enforce password policies for all users on your WordPress site.
Set rules for password length, complexity (uppercase, lowercase, digits, special characters), restricted characters, password expiration, and more. The plugin validates passwords on login, registration, password changes, and during active sessions — automatically redirecting users to reset non-compliant passwords.
Key benefits:
Enforce password length and complexity rules from a single settings page.
Set password expiration to ensure users update their passwords regularly.
Require users to confirm their current password before making changes.
Compatible with WordPress multisite networks.
Whether you manage a personal blog, a membership site, or a multisite network, WP Password Policy helps you maintain consistent password standards across all user accounts.
Learn more at wppasswordpolicy.com.
Why password policies matter
Weak passwords remain one of the most common entry points for unauthorized access to WordPress sites. Enforcing password rules helps reduce this risk and supports compliance with security best practices.
Features
Free Features
Minimum password length — Set and enforce the minimum number of characters for user passwords.
Maximum password length — Limit password length to prevent denial-of-service attacks caused by hashing very long passwords.
Password complexity rules — Require a mix of uppercase letters, lowercase letters, digits, special characters, and a minimum number of unique characters.
Consecutive username symbols — Restrict how many consecutive characters from the username can appear in the password.
Restricted characters — Block specific characters from being used in passwords.
Maximum password age — Force users to update their passwords periodically (e.g., every 30 days).
Minimum password age — Prevent users from changing their password too frequently, discouraging rapid cycling back to an old password.
Require current password — Add a “Current Password” field to the user profile screen and validate it before allowing password changes.
Custom password hints — Replace the default WordPress password hint with a policy-specific hint based on active rules.
Site Health integration — A Site Health test reports whether your plugin settings are properly configured.
Multisite/network support — Works with both standard and multisite WordPress installations.
AI integration — On WordPress 6.9+ with the MCP Adapter plugin, list, configure, and delete password policies through natural language commands from any connected AI provider.
Translation-ready — Localize the plugin into any language.
PRO Features
Prevent password reuse — Block users from reusing their previous passwords, encouraging new, unique passwords every time.
Custom password policies per role or user — Assign different password rules for administrators, editors, WooCommerce customers, or specific users.
Block common, weak passwords — Over 100,000 common passwords are blocked, preventing users from choosing easy-to-guess passwords.
WooCommerce integration — Enforce password policies on WooCommerce account pages, password reset, and registration forms.
Ultimate Member integration — Enforce password policies within Ultimate Member registration and account forms.
Priority support and updates — Get premium email support and updates.
Learn more about the PRO version at wppasswordpolicy.com/pricing.
Video Tutorial
See the plugin in action:
Related Plugins
Looking for a way to force users to reset their passwords immediately? Check our Password Reset Enforcement plugin — it lets you require password resets site-wide, by role, or for individual users, with WP-CLI support for automation.
