Trusted WordPress tutorials, when you need them most.
Beginner’s Guide to WordPress
25 Million+
Websites using our plugins
Years of WordPress experience
WordPress tutorials
by experts

How to Add a Simple User Password Generator in WordPress

Editorial Note: We earn a commission from partner links on WPBeginner. Commissions do not affect our editors' opinions or evaluations. Learn more about Editorial Process.

Do you want to add a simple user password generator in WordPress?

Many WordPress users end up using weaker passwords for the sake of convenience. These passwords can be easily cracked by hackers, which makes your WordPress website vulnerable.

In this article, we will show you how to easily add a simple user password generator in WordPress. This will allow you or other registered users on your website to generate a strong password.

Adding a password generator in WordPress

Why Use a Stronger Password Generator in WordPress?

By default, WordPress allows you to choose a password for your user account, but it doesn’t require that the password be secure.

The built-in random password generator appears during WordPress installation, on the user registration page, and on the user profile page.

By clicking on the ‘Generate Password’ button, users can generate a new, strong password.

Similarly, when changing a password by editing their user profile, users can click on the ‘Set New Password’ button to generate unlimited combinations of unique, strong passwords.

Generating strong passwords in WordPress

However, you will notice that WordPress allows you to skip the password strength check.

The user simply needs to check the ‘Confirm use of weak password’ option.

Strong password can be escaped

Similarly, any new users registering on your WordPress website can also escape the strong password requirement by checking this option on the user registration page.

If you run a membership site or eCommerce store where many users have accounts, then this can seriously affect the security of your WordPress site.

Generate password for new user registration

That being said, let’s take a look at how to easily enforce secure passwords and require users to use the strong password generator instead. We will cover how to do this with the default WordPress user registration and login forms, along with custom forms:

Method 1: Enforce Strong Password Generator in WordPress

First, you need to install and activate the Password Policy Manager for WordPress plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

Upon activation, you need to visit the Password Policies page in the WordPress admin area and click on the ‘Enable Password Policies’ check box.

Set up password policy for all users

After that, you can set a site-wide password policy for all users. You can choose minimum password strength, enforce special characters and number usage, expire passwords after a period of time, and more.

Below that, you can set additional advanced options for password security.

For instance, you can automatically reset passwords for inactive users, prevent users from reusing old passwords, or disallow users from resetting passwords on their own.

Advanced password security options

The plugin also allows you to limit login attempts to prevent brute force attacks.

You can choose the number of login attempts a user can make, after which their account will be locked, and login will be disabled for 24 hours.

Block login attempts

You can also set a lock duration, after which the accounts will be automatically unlocked. Alternatively, you can choose to manually unlock accounts by an administrator only.

Set Password Policies Depending on User Roles

The plugin also allows you to set different password policies based on user roles.

For instance, you can set different password requirements and security settings for authors, subscribers, customers, or members on your membership website.

Set password policy for user roles

Seeing the Password Generator in Action

The plugin will now automatically display a strong password generator on the registration, profile, and password change screens in WordPress.

Password enforcement in WordPress

It also removes the checkbox that allows the use of weak passwords.

This will prevent users from setting weaker passwords or bypassing your password policy.

Password policy enforced

Method 2: Enforce Strong Passwords in Custom User Registration and Login Forms

The password policy method above works well for default WordPress user registration and password reset forms.

However, if you are using a custom user registration and password reset form, then users may still find ways around your stronger password requirements.

One easy way to enforce strong passwords is by using WPForms. It is the best WordPress form builder plugin and allows you to easily create any kind of form, including custom user registration and login page forms.

First, you need to install and activate the WPForms plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

Note: You’ll need at least the Pro plan to access the User Registration addon.

Upon activation, you need to visit the WPForms » Settings page to enter your license key. You can find this information in your account on the WPForms website.

Enter WPForms license key

After that, you need to visit the WPForms » Addons page,

Then, click on the ‘Install Addon’ button under ‘User Registration Addon’.

User registration addon

You are now ready to create your custom user registration and login forms.

Simply head over to the WPForms » Add New page. First, you need to provide a title for your form and then choose the user registration form template.

User regisration form template

This will load the form builder, where you can edit form fields.

Simply click on the ‘Password’ field to edit and turn on the ‘Enable Password Strength’ switch. Below that, you can choose the minimum password strength and set it to ‘Strong’.

Require strong password

You can now save your form and exit the form builder.

WPForms makes it super easy to add your forms anywhere on your website. Simply edit the post or page where you want to display your custom user registration form and add the WPForms block to your content area.

Add WPForms block

After that, you need to select your custom user registration form under the block settings.

WPForms will then load a live preview of your form inside the editor.

Select custom user registration form

You can now save and publish your post or page and preview your custom user registration form.

You will notice that as users fill in the password field, they will be asked to use a stronger password. The form will not be submitted with a weaker password.

Strong password required error

Expert Guides on WordPress Password Security

Now that you know how to add a password generator in WordPress, you may like to see some other step-by-step guides related to how passwords can keep your website secure:

We hope this article helped you learn how to use the simple user password generator in WordPress to enforce stronger passwords on your WordPress website. You may also want to see our step-by-step guide on how to properly move from HTTP to HTTPS or our expert picks for the best WordPress plugins for business.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi with over 16 years of experience in WordPress, Web Hosting, eCommerce, SEO, and Marketing. Started in 2009, WPBeginner is now the largest free WordPress resource site in the industry and is often referred to as the Wikipedia for WordPress.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

4 CommentsLeave a Reply

  1. Syed Balkhi says

    Hey WPBeginner readers,
    Did you know you can win exciting prizes by commenting on WPBeginner?
    Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
    You can get more details about the contest from here.
    Start sharing your thoughts below to stand a chance to win!

  2. forough says

    Thanks alot. i have installed User-pro plugin on my site that created by wordpress, all of things are work correctly but i wanna userpro generate auto password when any user register with it in my site. how can i solve this problem? it’s very important for me. please help me…

    • rob says

      i too have userpro plugin and, have you found a solution, what would be another alternative is upon activation make them change the password – and autogenerate it

  3. Frithjof says

    I like to use Lastpass. One less plugin and all my passwords are handy on my desktop and phone.

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.