Unsafe passwords are a major cause of WordPress being hacked, so lets see what plugins can help us out in this department. Here are the ones I use on my sites:
Force Strong Passwords
The WordPress user profile includes a JavaScript-powered indicator as a guide to the strength of a password being entered. However, there is nothing to stop users entering weak passwords.
Often, users changing their password to something very weak is the most vulnerable aspect of a WordPress installation. This plugin duplicates the WordPress JavaScript password strength check in PHP, and forces users with executive powers to use a strong password.
Download Force Strong Passwords
Simple User Password Generator
Users with the ability to manage users (administrators) have a new button on the add and edit user screens to generate a secure password.
Also adds an option to encourage the user to change their password, when logged in to the dashboard, as well as an option to send existing users the new, generated password.
No new settings pages or configuration screens, nothing added to the database. Just install and go!
Download Simple User Password Generator
If you enjoyed this post, make sure to subscribe to WP Mayor’s RSS feed.
One Response
Passwords are a weak link in any authentication and sending new passwords in a plain text email is very poor security. You can increase security by always using very long strong passwords made up of upper & lower case letters, numbers and special characters and always use lastpass to store unique passwords for every single login. However our favourite is Launchkey for two factor authentication without passwords at all