Search Results :

×

How to setup Password Policy Enterprise plugin | WordPress

How to setup Password Policy Enterprise plugin | WordPress


Password Policy Manager includes user’s password management features like auto password expiration, one click password reset, enforce strong password, role-based password policy, Automatically lock inactive users, password history management and many more. Weak passwords are the primary perpetrators of WordPress website attacks. To fix this issue, the password policy manager plugin was developed. Password policy will help administrators ensure that their users use strong passwords. Its password strength meter enables you to know the strength of your users’ passwords and enforce password change if deemed necessary. Configuring a strong password policy ensures the use of strong passwords thereby securing your website.


Pre-requisites: Download And Installation

You can download Password Policy Manager plugin using the following link:

add-wordpress sso download plugin

Easy to manage password policies and enforce your user to use a strong password with a user password manager, password expiration, one-click reset of …

 Tested with 6.1.1

Follow the steps below to configure password policy Enterprise plugin:

Password Policy settings -

1. Password Policy (For all Users)

  • Click on the miniOrange Password Policy plugin from the left side menu.
  • WordPress Password Security - WordPress Dashboard


  • Click For all Users button.
  • Enable Password Policy all settings toggle button on the right side.
  • Now, enable the settings as per your requirement for setting a password.
  • Click on the Save Settings button.
  • WordPress Password Security - Click Save settings button


  • Now we will open this site in a private window.
  • Enter your login credentials and click on the Login button.
  • WordPress Password Security - Enter login credentials


  • Now a password reset page popup will appear and enforce the new password policy.
  • WordPress Password Security - Reset Password page


  • Enter the Current password, New Password and Verify the new password.
  • Click on the Change Password button.
  • WordPress Password Security - Enter new and confirm password
  • Now you have Successfully reset the password for all users.


  • Password Policy (Specific Roles)

  • Click on the Specific Roles button and select any one specific user role.
  • Click on the Save Settings button.
  • WordPress Password Security - Click Save settings button
  • Now we will open this site in a private window..
  • Go to the WordPress login page and enter your login credentials.
  • You will see a popup of the reset password page.
  • The rest of the steps are the same as for all users. Click here to view the same.


2. Enable expiration time (For all Users)

  • Now let's set password expiry for all users.
  • Click For all Users button.
  • Enable Password expiry Toggle button.
  • Selects the password expiration time (Minimum 1 and Maximum 28 days, weeks or months).
  • Click on the Save Settings button.
  • WordPress Password Security - Enable Expiry time

    miniorange img Example - If you set password expiry for 1 month then users will have to set a new password after 1 month.


    Enable expiration time (Specific Role)

  • Now let's set the password expiry for a specific User role.
  • Click on the Specific Roles tab and select any user role.
  • Selects the password expiration time (Minimum 1 and Maximum 28 days, weeks or months).
  • Click on the Save Settings button.
  • WordPress Password Security - Click Save settings button

    miniorange img Example - If you set the password expiration to 1 month, the users you selected will have to set a new password after 1 month.



3. One-Click Reset Password (For all Users)

  • Terminates all logged in sessions for the users and resets their Password. Users need to set up a new Password via a Reset link sent on their email.
  • Now let's set the One-Click Reset Password for all users.
  • Click on the For all Users button.
  • First configure SMTP to reset your the passwords for all users.
  • Click on the Reset Password button.
  • WordPress Password Security - Click Reset password page


  • Go to the login page.
  • Enter your login credentials and click on the Login button.
  • See the message (Reset password link has been sent to your mail please check)
  • WordPress Password Security - Message after login


  • Go to your email and click on the Reset Password link.
  • WordPress Password Security - Reset password link


  • After that, enter the new password as per the policy given below and click on the Save button.
  • WordPress Password Security - Click save password button


  • Click on Login.
  • WordPress Password Security - Click on login


  • Enter the username and New password.
  • Click on the Login button.
  • WordPress Password Security - Click login button
  • You have Successfully logged into your account.

  • One-Click Reset Password (Specific Roles)

  • Now let's set the One-Click Reset Password for Specific Roles.
  • Click on the Specific Role and select any one user role.
  • Click on the Reset Password button.
  • WordPress Password Security - Select specific role
  • Now go to the WordPress login page and enter your login credentials.
  • Then you will see a popup of the error message.
  • The rest of the steps are the same as for all users. Click here to view the same.

Advance Settings

1. Password History Management

miniorange img This setting will prevent you and your users from using previously stored passwords. This will make the password more secure and safe from attacks. You are given the option to select the number of previous passwords you do not want to allow.

  • Go to Advance settings tab.
  • Go to the Password History Management feature and enable the Toggle button.
  • Select the number of previous passwords you do not want to allow and click on the Save Settings button.
  • WordPress Password Security - Advance Settings tab

    miniorange img Example - If your users have selected 3 previous passwords, they cannot use 3 previously used passwords.




    2. Automatically lock Inactive user

    miniorange img This setting will help you to temporarily lock those users who are inactive for a selected amount of time, because inactive users are prime targets for hackers.

  • Go to the Automatically lock inactive user feature and enable the Toggle button.
  • Now, select the time duration in days, weeks or months to lock the user automatically.
  • Click on the Save Settings button.
  • WordPress Password Security - Click save settings button

    miniorange img Example - If 1 day is chosen to lock Inactive users, then users inactive for 1 day will be automatically locked.


    3. Destroy inactive user sessions

    miniorange img Automatically logout if the user and destroy their session if they do not perform any action for the specified amount of the time.

  • Enable inactive user logout checkbox.

  • You can select inactive logout duration.
  • If you want to apply for the administrator role, enable the Apply on administrators option.
  • Click on the Save button.
  • WordPress Password Security - Click Save button

    miniorange img Example - If you have set 1 minute as the time limit, then the user will be logged out if no action is taken for 1 minute.


    4. Custom Redirect URL

    miniorange img This setting will help you to set the redirect URL, wherein the user will be redirected after they reset their password.

  • Now, Go to the Custom Redirect URL feature.
  • Select any user role and enter any redirect URL and click on the Submit button.
  • WordPress Password Security - Enter any URL
  • Now go to the WordPress login page and login.
  • You will see a popup of the reset password page.
  • After you reset the password you will be redirected to the URL you entered.



  • 5. Hide Password reset link from WP-login

    miniorange img This is a feature to hide the Lost Your Password option when you enter the wrong password while logging in.

  • Now, go to the Hide Password reset link from WP-login feature and enable the Toggle button.
  • WordPress Password Security - Enable password reset link


  • See the hide password reset link.
  • WordPress Password Security - see hide password reset link


    6. Generate Random Password

    miniorange img When you reset the password you are given the option to generate a random password.

  • Now, Go to the Generate Random Password feature and enable the Toggle button.
  • WordPress Password Security - Enable Generate random password


  • Go to the Wordpress login page and enter your login credentials.
  • Click on the Login button.
  • WordPress Password Security - Enter login credentials


  • Now a password reset page popup will appear.
  • Enter current password and click on the Generate password button.
  • WordPress Password Security - Click generate password button
  • Your password has been automatically generated.



  • 7. Customize Password Reset Page

    miniorange img This feature is provided to customize the reset password page.

  • Go to the Customize Password Reset page feature.
  • You can customize the following features as shown in the image below.
  • WordPress Password Security - Select color


  • After completing the customization click on the Save Settings button below.
  • WordPress Password Security - Click Save settings button


  • See the customize reset password page.
  • WordPress Password Security - Customize reset password page


  • If you want to reset the settings, click on the Reset Settings button on the right side.
  • WordPress Password Security - Click Reset password button


Reports

You can view the report of the users who are currently logged in as well as those who are currently inactive in the reports tab.

Users Login Report -

  • Go to the Reports tab.
  • Enable users login Report entry and all Users’ login data is shown.
  • If you want to remove the user from the users login report, click on Remove on the right side.
  • If you want to remove the data of all users from the login report, then click on the Clear All button visible on the top-right side.
  • WordPress Password Security - User login entry


Inactive Users Report -

  • Go to the Inactive Users Report.
  • If you have inactive users, then you will see the following report.
  • If you want to remove the user from the inactive users report, click on Remove on the right side.
  • If you want to remove the data of all users from the Inactive users report, then click on the Remove All button visible on the top-right side.
  • WordPress Password Security - Inactive user entry



Registration Forms

  • Go to the Registration Forms tab.
  • You can use the login forms below with the Password Policy plugin.
  • WordPress Password Security - Registration forms



Business Trial For Free

If you are looking for anything which you cannot find, please drop us an email on 2fasupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com