Description

Did you find this plugin helpful? Please consider leaving a 5-star review.

Harden the security of your site by preventing unauthorized access to stale user accounts.

This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.

In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).

Languages supported:

English
Czech
Español

Development of this plugin is done on GitHub. Pull requests welcome. Please see issues reported there before going to the plugin forum.

Screenshots

Configure which user roles should be required to regularly reset their passwords and how often.
Users with expired passwords are redirected to the password reset screen upon sign in.
Users are not permitted to use the same password two times in a row during reset.

Reviews

Eli 22 جُون 2018

This is very handy, I'm paranoiac when it comes to security, it's sad that the plugin seems to be abandoned 🙁 PS: The author has responded and stated the plugin is NOT abandoned so I have changed the title of my review.

Edelényi Zsolt 21 مارچ 2018

Professional, simple, reliable. I made translation to Hungarian. Can I upload or send it to you?

vtq 8 جنوري 2017

Edit: This plugin provides a great feature many WordPress admins will want. I would suggest keeping one admin account with a permanent (very strong) password to avoid being locked out in case something malfunctions - as it did to me in an earlier version. Old review: Seemed to be exactly what we needed, now when passwords expire resetting to a new password does not change the password expire message, meaning all our users are locked out. This meant we had to put in a request to our server team to disable the plugin via folder rename, just to get any access.

Svensonsan 3 سيپٽمبر 2016

This plugin should be mandatory or built-in into wordpress. Easy to setup, use and it just works.

Read all 9 reviews

Contributors & Developers

“Expire Passwords” is open source software. The following people have contributed to this plugin.

Frankie Jarrett

Translate “Expire Passwords” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

0.6.0 – January 5, 2017

Fix: Expiration not updating when resetting a password via email confirmation link.

Props @fjarrett

0.5.0 – December 23, 2016

Tweak: Indicate support for WordPress 4.7 and require at least 4.0.
Fix: Selected user roles in plugin settings not always being honored.
Fix: Destroy all sessions after login with an expired password.

Props @fjarrett

0.4.0 – April 13, 2016

New: Indicate support for WordPress 4.5.
Tweak: Bring back PHP 5.2 compatibility.

Props @fjarrett

0.3.0 – July 9, 2015

New: Language support for Czech
Tweak: Optimizations requiring PHP 5.3 or higher
Fix: User role array error before options exist

Props @fjarrett, @dero

0.2.2 – July 2, 2015

New: Language support for Español

Props @fjarrett

0.2.1 – July 2, 2015

Fix: Fatal undefined function error occuring in some cases (#3)

Props @fjarrett

0.2.0 – April 29, 2015

New: Disallow using the same password as before on reset (#1)
Tweak: Use default if limit is set to greater than 365 days

Props @fjarrett

0.1.0 – April 28, 2015

Initial release

Props @fjarrett

WordPress.org

سنڌي

Excellent Plugin

Excelent

Great feature, but a previous version of plugin locked out all our users

Solid and easy to use

WordPress.org

سنڌي

Description

Screenshots

Reviews

Contributors & Developers

Interested in development?

Changelog

0.6.0 – January 5, 2017

0.5.0 – December 23, 2016

0.4.0 – April 13, 2016

0.3.0 – July 9, 2015

0.2.2 – July 2, 2015

0.2.1 – July 2, 2015

0.2.0 – April 29, 2015

0.1.0 – April 28, 2015

Meta

Ratings

Contributors

Support