If your site allows new user registration, it is good to make sure every user uses a strong password. After registration, a randomly generated password will be sent to their email. Then, users can change their password from the profile page. Although WordPress will show the strength of the password to users, it will not prevent them from using weak passwords. Some people might not even care if they’re using a weak password.
This is really bad if you have a large number of registered users with admin or editor roles.
In order to force users using a strong password, all you need to do is to install and activate Force Strong Passwords plugin. No configuration is needed and the plugin is ready to be used once activated.
Once I’ve installed the plugin, I tried to change my password to a new password with medium-strength, it will give an error.
This is a good indicator which means the plugin will only allow strong passwords to be used, no weak or medium password anymore.
Leave a Reply