Search Results :

×

How to setup miniOrange password policy premium plugin in WordPress?


Password Policy Manager includes user’s password management features like auto password expiration, one click password reset, enforce strong password, role-based password policy, Automatically lock inactive users, password history management and many more. Weak passwords are the primary perpetrators of WordPress website attacks. To fix this issue, the password policy manager plugin was developed. Password policy will help administrators ensure that their users use strong passwords. Its password strength meter enables you to know the strength of your users’ passwords and enforce password change if deemed necessary. Configuring a strong password policy ensures the use of strong passwords thereby securing your website.


Pre-requisites: Download And Installation

You can download Password Policy Manager free plugin using the following link:

add-wordpress sso download plugin

Easy to manage password policies and enforce your user to use a strong password with a user password manager, password expiration, one-click reset of …

 Tested with 6.1.1

Follow the steps below to configure password policy Premium plugin:

Password Policy settings -

1. Password Policy (For all Users)

  • Click on the miniOrange Password Policy plugin from the left side menu.
  • WordPress password security configuration - WordPress Dashboard


  • Click For all Users button.
  • Enable Password Policy all settings toggle button on the right side.
  • Now, enable the settings as per your requirement for setting a password.
  • Click on the Save Settings button.
  • WordPress password security configuration - Click Save settings button


  • Now we will open this site in a private window.
  • Enter your login credentials and click on the Login button.
  • WordPress password security configuration - Enter login credentials


  • Now a password reset page popup will appear and enforce the new password policy.
  • WordPress password security configuration - Reset Password page


  • Enter the Current password, New Password and Verify the new password.
  • Click on the Change Password button.
  • WordPress password security configuration - Enter new and confirm password
  • Now you have Successfully reset the password for all users.


  • Password Policy (Specific Roles)

  • Click on the Specific Roles button and select any one specific user role.
  • Click on the Save Settings button.
  • WordPress password security configuration - Click Save settings button
  • Now we will open this site in a private window..
  • Go to the WordPress login page and enter your login credentials.
  • You will see a popup of the reset password page.
  • The rest of the steps are the same as for all users. Click here to view the same.


2. Enable expiration time (For all Users)

  • Now let's set password expiry for all users.
  • Click For all Users button.
  • Enable Password expiry Toggle button.
  • Selects the password expiration time (Minimum 1 and Maximum 28 days, weeks or months).
  • Click on the Save Settings button.
  • WordPress password security configuration - Enable Expiry time

    miniorange img Example - If you set password expiry for 1 month then users will have to set a new password after 1 month.


    Enable expiration time (Specific Role)

  • Now let's set the password expiry for a specific User role.
  • Click on the Specific Roles tab and select any user role.
  • Selects the password expiration time (Minimum 1 and Maximum 28 days, weeks or months).
  • Click on the Save Settings button.
  • WordPress password security configuration - Click Save settings button

    miniorange img Example - If you set the password expiration to 1 month, the users you selected will have to set a new password after 1 month.



3. One-Click Reset Password (For all Users)

  • Terminates all logged in sessions for the users and resets their Password. Users need to set up a new Password via a Reset link sent on their email.
  • Now let's set the One-Click Reset Password for all users.
  • Click on the For all Users button.
  • First configure SMTP to reset your the passwords for all users.
  • Click on the Reset Password button.
  • WordPress password security configuration - Click Reset password page


  • Go to the login page.
  • Enter your login credentials and click on the Login button.
  • See the message (Reset password link has been sent to your mail please check)
  • WordPress password security configuration - Message after login


  • Go to your email and click on the Reset Password link.
  • WordPress password security configuration - Reset password link


  • After that, enter the new password as per the policy given below and click on the Save button.
  • WordPress password security configuration - Click save password button


  • Click on Login.
  • WordPress password security configuration - Click on login


  • Enter the username and New password.
  • Click on the Login button.
  • WordPress password security configuration - Click login button
  • You have Successfully logged into your account.

  • One-Click Reset Password (Specific Roles)

  • Now let's set the One-Click Reset Password for Specific Roles.
  • Click on the Specific Role and select any one user role.
  • Click on the Reset Password button.
  • WordPress password security configuration - Select specific role
  • Now go to the WordPress login page and enter your login credentials.
  • Then you will see a popup of the error message.
  • The rest of the steps are the same as for all users. Click here to view the same.

Advance Settings

1. Password History Management

miniorange img This setting will prevent you and your users from using previously stored passwords. This will make the password more secure and safe from attacks. You are given the option to select the number of previous passwords you do not want to allow.

  • Go to Advance settings tab.
  • Go to the Password History Management feature and enable the Toggle button.
  • Select the number of previous passwords you do not want to allow and click on the Save Settings button.
  • WordPress password security configuration - Advance Settings tab

    miniorange img Example - If your users have selected 3 previous passwords, they cannot use 3 previously used passwords.




    2. Automatically lock Inactive user

    miniorange img This setting will help you to temporarily lock those users who are inactive for a selected amount of time, because inactive users are prime targets for hackers.

  • Go to the Automatically lock inactive user feature and enable the Toggle button.
  • Now, select the time duration in days, weeks or months to lock the user automatically.
  • If you want to apply to the administrator, then enable the checkbox in front of Apply on Administrator.
  • Click on the Save Settings button.
  • WordPress Password Security - Click save settings button

    miniorange img Example - If 1 day is chosen to lock Inactive users, then users inactive for 1 day will be automatically locked.


    3. Force Reset Password on first login

    miniorange img Enable this setting so your users, customers & subscribers reset their password the first time they login to your website.

  • Go to the Force Reset Password on first login feature and enable the Toggle button.
  • WordPress password security configuration - Enable Force reset password



    4. Hide Password reset link from WP-login

    miniorange img This is a feature to hide the Lost Your Password option when you enter the wrong password while logging in.

  • Now, go to the Hide Password reset link from WP-login feature and enable the Toggle button.
  • WordPress password security configuration - Enable password reset link


  • Enter the exact text you want to hide from wp-login page and click on the Save button.
  • WordPress password security configuration - Enter String


  • Go to the login page and see the hide text.



  • 5. Generate Random Password

    miniorange img When you reset the password you are given the option to generate a random password.

  • Now, Go to the Generate Random Password feature and enable the Toggle button.
  • WordPress password security configuration - Enable Generate random password


  • When user login first time he will see generate password option on password reset page.
  • Enter current password and click on the Generate password button.
  • WordPress Password Security - Click generate password button
  • Your password has been automatically generated.



  • Reports

    You can view the report of the users who are currently logged in as well as those who are currently inactive in the reports tab.

    Users Login Report -

    • Go to the Reports tab.
    • Enable users login Report entry and all Users’ login data is shown.
    • If you want to remove the user from the users login report, click on Remove on the right side.
    • If you want to remove the data of all users from the login report, then click on the Clear All button visible on the top-right side.
    • WordPress password security configuration - User login entry


    Inactive Users Report -

    • Go to the Inactive Users Report.
    • If you have inactive users, then you will see the following report.
    • If you want to remove the user from the inactive users report, click on Remove on the right side.
    • If you want to remove the data of all users from the Inactive users report, then click on the Remove All button visible on the top-right side.
    • WWordPress password security configuration - Inactive user entry



    Registration Forms

    • Go to the Registration Forms tab.
    • You can use the login forms below with the Password Policy plugin.
    • WordPress password security configuration - Registration forms



    Business Trial For Free

    If you are looking for anything which you cannot find, please drop us an email on securityteam@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com