PRO version
3.4.0 (2025-04-25)
- New password policy rule implemented: disallow passwords found in the weaklist containing 100.000 popular passwords.
- Logic around past passwords store improved
- Settings screen style improvements
- Incorporate updates introduced in the free plugin (version 3.1.1)
- Dependencies updated
- Code improvements
3.3.0 (2025-04-04)
- Compatibility with WordPress 6.8 confirmed
- Issue of requesting the translated string too early fixed
- Ability to configure maximum password length introduced; allows to prevent denial-of-service attacks caused by hashing too long passwords
- Incorporate updates introduced in the free plugin (version 3.1.0)
- Dependencies updated
- Code improvements
3.2.0 (2025-02-21)
- Password policy reordering UI improved
- Dependencies updated
- Code improvements
3.1.0 (2025-01-24)
- Integration with WooCommerce user registration form implemented
- User registration note added
- Dependencies updated
- Code improvements
3.0.0 (2024-12-09)
- Requirements of using the free plugin removed – PRO version of the plugin is now fully self-contained
- Integration with the internal updates API improved
- Dependencies updated
- Code improvements
2.6.0 (2024-11-08)
- Compatibility with WordPress 6.7 confirmed
- Dependencies updated
- Code improvements
2.5.1 (2024-10-25)
- JS dependency map and tree-shaking optimized
- PHP 7.4 compatibility fixes implemented
2.5.0 (2024-10-17)
- Fix blog switching bug in WordPress Multisite (Network) installations
- Add caching to user roles getter function, along with proper cache invalidation, to improve the plugin's performance
- Language mapping file added for easier generation of JSON translation files
- Dependencies updated
- Code improvements
2.4.0 (2024-08-30)
- Compatibility with older version of PHP (7.4) implemented
- Dependencies updated
- Code improvements
2.3.0 (2024-08-20)
- Integration with WooCommerce implemented
- Required WordPress core version bumped to 6.6 to use the new React JSX runtime package
- Plugin container implementation improved
- Dependencies updated
- Code improvements
2.2.0 (2024-07-11)
- Settings page redesigned
- Dependencies updated
- Code improvements
2.1.2 (2024-05-24)
- Dependencies updated
- Code improvements
2.1.1 (2024-05-02)
- Plugin loader improved
2.1.0 (2024-04-26)
- Code improvements and dependency updates
- Improvements on plugin activation and deactivation hooks registration
- Components package integrated
2.0.0 (2024-03-08)
- Free and premium features separated
- Plugin container implemented
1.2.0 (2024-01-26)
- Internal dependency management improved
- Assets loading improved
- Unnecessary ABSPATH check removed
- Type check improved
- Settings and Fields configuration improved
1.1.2 (2023-12-22)
- Settings page build process improved
- Code organization improvements
- Dependency updates
1.1.1 (2023-11-24)
- Translations loading improved
- Dependency updates
1.1.0 (2023-11-10)
- User password expiry check implemented for logged-in users
- Confirmed support with WordPress 6.4
- Post-login notice updated for users whose password has expired
- Dependency updates
1.0.3 (2023-11-07)
- Logic for handling the maximum number of consecutive user symbols improved
- Dependency updates
- Typos fixed
1.0.2 (2023-10-27)
- All `site_url` functions replaced with `home_url`
1.0.1 (2023-10-26)
- Minimal supported WordPress version confirmed at 6.1
- Password compliance check on user account creation within a single-instance WordPress installation confirmed
- Fix typos
- Move uninstall hook into a separate file
1.0.0 (2023-10-25)
- The first stable release
Free version
3.1.1 (2025-04-25)
- Issue with nonce in the password reset form on password expiry fixed
- Settings screen style improvements
- Dependencies updated
- Code improvements
3.1.0 (2025-04-04)
- Compatibility with WordPress 6.8 confirmed
- Issue of requesting the translated string too early fixed
- Ability to configure maximum password length introduced; allows to prevent denial-of-service attacks caused by hashing too long passwords
- Dependencies updated
- Code improvements
3.0.0 (2025-02-21)
- The scenario where a user's password does not comply with the policy for reasons other than the minimum age, and the password age is unknown because the user has not changed the password since this plugin has been enabled, is now handled correctly
- Integration with new account registration form improved
- Password hint generation logic improved
- Dependencies updated
- Code improvements
2.7.1 (2024-11-25)
- Plugin now checks whether the PRO version is activated; in case if it is, it stops loading itself
- Uninstall file removed as it was out of date and could conflict with the PRO version of the plugin
2.7.0 (2024-11-08)
- Custom capabilities for managing the plugin settings implemented
- Compatibility with WordPress 6.7 confirmed
- Dependencies updated
- Code improvements
2.6.1 (2024-10-25)
- JS dependency map and tree-shaking optimized
- PHP 7.4 compatibility fixes implemented
2.6.0 (2024-10-17)
- Fix blog switching bug in WordPress Multisite (Network) installations
- Add caching to user roles getter function, along with proper cache invalidation, to improve the plugin's performance
- Language mapping file added for easier generation of JSON translation files
- Dependencies updated
- Code improvements
2.5.0 (2024-08-30)
- Compatibility with older version of PHP (7.4) implemented
- Dependencies updated
- Code improvements
2.4.0 (2024-08-20)
- Password reset validation improvements – now rendering an user-friendly error message rather than a "wp_die" screen
- Password hint logic improved
- Required WordPress core version bumped to 6.6 to use the new React JSX runtime package
- Plugin container implementation improved
- Dependencies updated
- Code improvements
2.3.0 (2024-07-11)
- Settings page redesigned
- Dependencies updated
- Code improvements
2.2.0 (2024-05-24)
- Dependencies updated
- Code improvements
- Basic onboarding process implemented
2.1.1 (2024-04-26)
- Plugin assets and descriptions updated
2.1.0 (2024-04-26)
- Code improvements and dependency updates
- Improvements on plugin activation and deactivation hooks registration
2.0.0 (2024-04-12)
- The first stable, public release
Features
Explore These Powerful Features Next
Discover the features offered by the Password Policy & Complexity Requirements plugin for WordPress.
Easy Setup & Configuration
Set up password policies in just a few clicks – no complex configurations required. With preconfigured defaults, you’re ready to go in minutes.
Passwords Reuse Prevention
This feature prevents users from reusing previous passwords, requiring them to create a completely new one instead of relying on their favorite.
Password Complexity Enforcement
Ensure user passwords include uppercase and lowercase letters, digits, special characters, and unique (non-repeated) characters – while limiting consecutive symbols from the user’s name.
Dedicated Policies by User and/or Role
Apply password policies to specific users by username or user role. Create dedicated password policies for vendors, freelancers, or users with higher permissions – giving you complete control over your security settings.
Customizable Password Policy Rules
Easily tailor password policy rules to meet your organization’s security needs. Enable or disable specific rules and adjust all settings with flexibility.
Healthy Passwords Retention
Ensure your website’s security by defining clear password retention rules, reducing the risk of compromised accounts.
Restricted Passwords List
Ensure users avoid weak passwords such as “admin,” “password,” or “johnny123.” Use the predefined list provided by this plugin and freely adjust it to meet your specific needs.