Password length / strength

Yes and no.

The plugin does not have a setting for this. However, it is customizable with action and filter hooks in most processes.

There is a premium extension available that has a number of password settings including requiring strong passwords (uses the WP password strength meter in the form). See: https://rocketgeek.com/plugins/wp-members/extensions/security-extension/

Hi Chad

Thank you, I’ve got that all up and running!

However, I was wondering if there is a way to:

1) Disable the “Update Password” button until the strong password criteria has been met

And/or

2) Display an error message back to the user if they try to enter a weak/medium password?

Users are currently getting a bit confused as it looks as though they can update their password as the button is active, but when they click it, nothing happens to tell them they’ve not set a strong enough password.

Any advice would be much appreciated.

Many thanks,

Matt

Possible? Yes. Explained simply? Unfortunately, no.

The broad answer is that yes you can do this by applying some JavaScript (ideally jQuery). You could implement WP’s meter (which also disables the button until the meter meets the criteria).

There are some articles out there on how to use WP’s password meter in your own form, and the information can be adapted to this case by filtering it in.

That’s essentially what I did when I built it into the Security extension.

I used wp_enqueue_script to load my custom javascript and css (which I built from tutorials found on the web about how to integrate the WP password meter). I used wpmem_login_form_rows and wpmem_register_form_rows to add a new row to contain the HTML required for the meter. And I used wpmem_register_form_buttons to filter the button HTML to add the “disabled” class needed for the submit button (that required an str_replace() but could also be done replacing the entire HTML string).

Thanks Chad, that’s superb.

I’ll give that a look and see how I get on.

Many thanks again,

Matt