Using a strong password is essential for creating a secure website. Hackers can compromise your site using weak user credentials. Here’s a newsflash, “password“, “drowssap“, “changethis” & “pass1234” are NOT passwords.

Traditional Passwords Are No Longer Safe

Password-cracking techniques have matured quickly and significantly in the past few decades, but the way we create our passwords hasn’t kept pace. As a result, the most common advice you’ll hear about creating a strong password today is very outdated and impractical.

A password created with that advice, like jal43#Koo%a, is very easy for a computer to break and very difficult for a human to remember and type.

The latest and most effective types of password attacks can attempt up to 350 billion guesses per second, and that number will no doubt increase significantly over the next few years.

Also, see our post about tools for creating strong passwords

Requiring a strong password is essential for maintaining a secure WordPress site.

If you operate a site where you allow users to create their own user account or you are running a multi-site and add multiple authors and contributors, here is a way you can help them.

Simple User Password Generator Plugin

strong-password-generatorFirst, install the plugin. Once activated, this plugin adds a “Generate Password” button to the “Add New User” page and edit users page. Clicking this button will generate a strong password for the new user. You can also check the box below to send this new password to the user.

This plugin also adds another option to “Add New User” page which enables you to remind users about changing their password. Checking this option will display a notification to the user when they sign in, reminding them that they are using an auto-generated password, and they can change it to something easier to remember.


When adding new users to a WordPress site, you must always choose strong passwords for them. If you are running a multi-author blog and you are in the habit of creating new users with a default password like “drowssap″, then you are putting your site at risk. We hope that this article will help you quickly generate a strong password for users on your WordPress site. We highly recommend using tools like LastPass or 1Password.

How do you handle strong passwords on your site? Let us know in the comments below.