{"id":20818,"date":"2012-11-19T05:52:42","date_gmt":"2012-11-19T05:52:42","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/no-weak-passwords\/"},"modified":"2026-03-25T10:41:01","modified_gmt":"2026-03-25T10:41:01","slug":"no-weak-passwords","status":"publish","type":"plugin","link":"https:\/\/lo.wordpress.org\/plugins\/no-weak-passwords\/","author":314851,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.2","stable_tag":"1.0.2","tested":"7.0","requires":"3.2","requires_php":"","requires_plugins":null,"header_name":"No Weak Passwords","header_author":"David Anderson","header_description":"","assets_banners_color":"","last_updated":"2026-03-25 10:41:01","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/david.dw-perspective.org.uk\/donate","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/no-weak-passwords","header_author_uri":"https:\/\/david.dw-perspective.org.uk","rating":4,"author_block_rating":0,"active_installs":400,"downloads":9175,"num_ratings":4,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0":{"tag":"1.0","author":"DavidAnderson","date":"2012-12-01 09:55:33"},"1.0.1":{"tag":"1.0.1","author":"DavidAnderson","date":"2016-12-06 20:57:06"},"1.0.2":{"tag":"1.0.2","author":"DavidAnderson","date":"2026-03-25 10:41:01"}},"upgrade_notice":[],"ratings":{"1":1,"2":0,"3":0,"4":0,"5":3},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0","1.0.1","1.0.2"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":626850,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":626850,"resolution":"2","location":"assets","locale":""}},"screenshots":{"1":"The error message when a user tries to change his password to an easy one","2":"The error message when a user with an existing easy password tries to log in"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[46254,46255,8587,8588,46253],"plugin_category":[54],"plugin_contributors":[77630],"plugin_business_model":[],"class_list":["post-20818","plugin","type-plugin","status-publish","hentry","plugin_tags-ban-passwords","plugin_tags-ban-weak-passwords","plugin_tags-password-strength","plugin_tags-passwords","plugin_tags-weak-passwords","plugin_category-security-and-spam-protection","plugin_contributors-davidanderson","plugin_committers-davidanderson"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/no-weak-passwords.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/no-weak-passwords\/assets\/screenshot-1.png?rev=626850","caption":"The error message when a user tries to change his password to an easy one"},{"src":"https:\/\/ps.w.org\/no-weak-passwords\/assets\/screenshot-2.png?rev=626850","caption":"The error message when a user with an existing easy password tries to log in"}],"raw_content":"\n

This plugin forbids any user to choose any password from the \"common passwords list\" obtained from http:\/\/www.openwall.com\/passwords\/wordlists\/, and requires any who are already doing so to reset their passwords.<\/p>\n\n

License<\/h3>\n\n

Copyright 2012- David Anderson<\/p>\n\n

MIT License:<\/p>\n\n

Permission is hereby granted, free of charge, to any person obtaining\na copy of this software and associated documentation files (the\n\"Software\"), to deal in the Software without restriction, including\nwithout limitation the rights to use, copy, modify, merge, publish,\ndistribute, sublicense, and\/or sell copies of the Software, and to\npermit persons to whom the Software is furnished to do so, subject to\nthe following conditions:<\/p>\n\n

The above copyright notice and this permission notice shall be\nincluded in all copies or substantial portions of the Software.<\/p>\n\n

THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND\nNONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE\nLIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION\nOF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION\nWITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.<\/p>\n\n\n

Standard WordPress plugin installation:<\/p>\n\n

    \n
  1. Search for \"No Weak Passwords\" in the WordPress plugin installer<\/li>\n
  2. Click 'Install'<\/li>\n<\/ol>\n\n\n
    \n

    Where are the configuration settings?<\/h3><\/dt>\n

    There are none. If the plugin is active, then it is banning all of its known weak passwords.<\/p><\/dd>\n

    What if one of my users is already using one of those passwords?<\/h3><\/dt>\n

    If they try to log in with one of these weak passwords, then they will not succeed, and they will be told to use the 'Lost Password' procedure to obtain a new password.<\/p><\/dd>\n

    What passwords does this plugin ban?<\/h3><\/dt>\n

    The 3546 listed in the \"common passwords list\" as obtained from http:\/\/www.openwall.com\/passwords\/wordlists\/ on 16th November 2012.<\/p><\/dd>\n

    I'd like to change the policy; add some different words; forbid too-short passwords, etc.<\/h3><\/dt>\n

    Please either send a patch, or make a donation on my donation page, and I will be glad to help. Otherwise, this plugin does all I wanted it to do and I've not got time to develop it further without some compensation.<\/p><\/dd>\n

    Do you have any more interesting plugins?<\/h3><\/dt>\n

    Try here<\/a> and here<\/a>.<\/p><\/dd>\n\n<\/dl>\n\n\n

    1.0.2 05\/31\/2017<\/h4>\n\n
      \n
    • COMPATIBILITY: Marked as compatible with WP 4.8<\/li>\n
    • TWEAK: If no password given, then presume they are using some other login mechanism (and if they are not, WP will refuse the login anyway)<\/li>\n<\/ul>\n\n

      1.0.1 04\/19\/2013<\/h4>\n\n
        \n
      • Marked as compatible with 3.6<\/li>\n<\/ul>\n\n

        1.0.1 12\/03\/2012<\/h4>\n\n
          \n
        • Tweaked install instructions<\/li>\n
        • Marked compatible with 3.1<\/li>\n
        • Added link to new \"use adminstrator password\" plugin<\/li>\n<\/ul>\n\n

          1.0 11\/16\/2012<\/h4>\n\n
            \n
          • First version<\/li>\n<\/ul>","raw_excerpt":"This plugin forbids any user to choose any password from the "common passwords list" obtained from http:\/\/www.openwall.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/20818","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=20818"}],"author":[{"embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/davidanderson"}],"wp:attachment":[{"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=20818"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=20818"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=20818"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=20818"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=20818"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/lo.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=20818"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}