You can use PassExpire force all users to change password at next login. Or set it to expires user passwords after 60 (Variable) days and requires a password change on login. Note: This is community wiki answer for this Question (as @tony-zeoli has already answered his own question).
Thanks Vee try require_once (ABSPATH . ‘wp-includes/class-phpass.php’); it works for me. It did worked for me too. Came on this thread about a month ago and found no solution so I had to restore from a backup. The problem came back and I’m very happy of your contribution.
The minimum requirements are that it passes the zxcvbn library’s strength check. I can’t see a simple summary of their rules. This is registered as script ‘zxcvbn-async’ that you can enqueue / make a dependency of your own scripts, and then you can run the check yourself on the client-side. See password-strength-meter and user-profile.js‘s multiple … Read more
I was busy writing up a plugin for this without even checking of one already existed. So I did a little research and found out that it does indeed already exist and that the path I was going down was the right one. Well, there’s no need to reinvent the wheel here, so here’s the … Read more
This is a built-in feature of WordPress. Create a page like you normally would. Then look at the Publish box in the upper-right corner for where it says “Visibility: Public.” Click “Public” and you’ll see some other options – “Private” and “Password Protected.” You want “Password Protected.” Check the appropriate box and enter the password … Read more
I am not sure where you else you would store the SMTP credentials? I am not comfortable storing those credentials in the Database because of the trouble you mentioned you could get into if they got out. Or putting them in a theme file. Like they mentioned in the other thread, if Apache gets screwed … Read more
not really, but can try something like: add_action(‘wp’, ‘check_post_pass’); function check_post_pass(){ if(!is_single() || !post_password_required()) return; global $post; if(isset($_COOKIE[‘wp-postpass_’.COOKIEHASH]) && $_COOKIE[‘wp-postpass_’.COOKIEHASH] !== $post->post_password){ define(‘INVALID_POST_PASS’, true); // tell the browser to remove the cookie so the message doesn’t show up every time setcookie(‘wp-postpass_’.COOKIEHASH, NULL, -1, COOKIEPATH); } } in your template: if(defined(‘INVALID_POST_PASS’)) _e(‘The password you entered is … Read more
The reason is when you execute this code setcookie(‘wp-postpass_’ . COOKIEHASH, ”, 0, COOKIEPATH); It will reset your post password cookie to blank ”, so it just work once To solve this you need to assign the original cookie and extend the timeout, like this setcookie(‘wp-postpass_’ . COOKIEHASH, $_COOKIE[‘wp-postpass_’ . COOKIEHASH], time() + 60 * … Read more
Just add a filter, where you can change the text, like this: add_filter( ‘password_hint’, function( $hint ) { return __( ‘MY OWN PASSWORD HINT’ ); } ); This can be added in functions.php in your theme. A bit of an explanation there in core you can see: return apply_filters( ‘password_hint’, $hint ); that is where … Read more
Both the the_content() and the the_excerpt() template tags already account for password-protected posts, via the post_password_required() conditional. If you need to output content, or comments, etc. outside of the_content()/the_excerpt(), call the post_password_required() conditional directly. For example, if you don’t want the comments template to be output if the post is password-protected. you could do the … Read more