WordPress Password 0.6.1

MAJOR Update:

I’ve pretty well ended support of this. I’m not intentionally avoiding emails or comments, I’m just out of time and need to make you aware there’s a better way.

I’d like to encourage you *not* to use the WP-Password Plugin. Here’s why: It doesn’t protect items in feeds, it can be broken by future wordpress versions, it doesn’t protect media/videos/images in your feeds (only pages powered by WP), and at last check, changing WP to do what I want the plugin to do really jeopardizes it’s security of all other things WP. I just don’t want to do that to you.

Instead, I recommend using .htaccess to protect the directories you want people to see. Here’s a good tutorial on it: http://www.javascriptkit.com/howto/htaccess3.shtml

If I am going to do anything else with the plugin, it will be a re-write to help people create their own .htaccess rules.

Minor update to the WP-Password plugin I’ve let languish. I think I’ve fixed the redirect bug.


You’re welcome to try it out. Update the comments with any bug reports, ideas, complaints, etc.

Future plans might involve integrating WP 2.7 (and later) internal password protection to provide a better UI, handling it’s inherent per-page/post nature better (Default value, etc). Preliminary checking looks like it’ll take some changes to the WP Core to really work well, but I’ve been known to think on problems like that slowly for a while and suddenly come up with a solution… we’ll see.

Join the Conversation


  1. I miss the pictures. And if you try to post without an email it takes you to an error page but there’s no link to get back here.

  2. I miss the pictures too. Haven’t modified this theme enough to bring them back yet, but I will.

    Thanks for the report about the error.. Just convinces me I’m not done searching for a replacement them, since the Vigilance theme I was using took a crap and quit working entirely.

  3. Hi –

    does this plugin have any sort of password hashing? Is the password passed as plain text when it’s submitted?

    If so, looks like SSL for me!



  4. @Tim, if you’re concerned about pw hashing, you should really be using the built-in WP security or some other solution entirely… This plugin stops the curious snoop, not the dedicated. SSL by itself isn’t an answer there, either… it’s just encryption of data while it’s in transit – it still sits in the same systems at either end of the connection.

  5. Hi,

    I’m trying to get this plugin to password-protect my blog’s user registration form. However, the plugin does not seem to work for wp-login.php, is there any solution or workaround for this?

  6. I’ve installed this on my friends blog, but something must be wrong. Some of my friends get in, and some of them dont. I get in when I use google Chrome, but not on Internet Explorer.

    How come?

  7. Hey,

    I installed WordPress Password as a temporary measure and after deactivating it it still seems to be redirecting to the admin login page. How do I get rid of the plugin? Kind of an important site that needs to be up and live so I’d appreciate some help. Thanks.

  8. If you’ve disabled the plugin, then it’s not doing anything.

    But to completely remove it, just get rid of the wp-password folder in wp-content\plugins\

  9. hello!
    in general, I really like you PW-plugin. but I have one problem: as I use subdomains for my blogs the plugin does not direct users to the blog, if they put in the correct PW, but directs them to the main-domain. eg: the blog’s domain is xxx.madication.eu for the wordpress-folder http://www.madication.eu/blogs/xxx, the plugin redirects the user to http://www.madication.eu. if I do not use a subdomain it works perfect. do you have any idea how to repair that?
    bernhard (vienna)

  10. Hi,

    I’m using your plugin and the nextgen gallery for wordpress. Unfortunately if I enable password protection uploading of images into a gallery does not work any more (no error message – it just won’t upload).

    Any idea?


  11. Help! This has completely crashed my site and my research project has to go live tomorrow!! I cannot deactivate it OR access the blog or admin side.

Leave a comment

Your email address will not be published.