[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTOVSmzMM7AIeuapgVKH8xYjWsoP9NCXpPeDGD4Ravag":3,"$fNrD7q0wGaNVuL1aBTZngWygF3fS4YejhGsLMZ1toohw":177,"$fDVH_ASAZVFBmwn1I1QTCy81SiFUHLfiGaQSb6r_r_sM":182},{"slug":4,"name":4,"version":5,"author":6,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":35,"analysis":134,"fingerprints":163},"wp-bcrypt","1.0.1","harrym","https:\u002F\u002Fprofiles.wordpress.org\u002Fharrym\u002F","\u003Cp>WordPress uses phpass to store passwords. Because WordPress has to work everywere, it uses the portable version of phpass,\u003Cbr \u002F>\nwhich uses MD5 to hash passwords. MD5 is not a very good hashing algorithm for passwords, because it’s relatively fast.\u003C\u002Fp>\n\u003Cp>This plugin switches over to bcrypt, which is the algorithm recommended by phpass, and is a much better option for password\u003Cbr \u002F>\nstorage because it is much slower to produce. This makes it much harder for an attacker who’s managed to access your hashed\u003Cbr \u002F>\npasswords to obtain plain text passwords by brute-forcing, or by trying passwords from a dictionary.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note: this plugin requires PHP 5.3.0 or newer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Be aware that if you use this plugin and then move to a host that does not support bcrypt, you will need to reset any user\u003Cbr \u002F>\naccount that you want to log in with.\u003C\u002Fp>\n","wp bcrypt switches WordPress's password hashes from MD5 to bcrypt, making it harder for them to be brute-forced if they are leaked.",300,13973,100,4,"2014-06-05T15:25:00.000Z","3.9.40","3.4","",[19,20],"passwords","security","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-bcrypt\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-bcrypt.1.0.1.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":6,"display_name":6,"profile_url":7,"plugin_count":30,"total_installs":31,"avg_security_score":23,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},3,400,30,84,"2026-05-20T00:50:09.206Z",[36,57,76,95,114],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"wc-password-strength-settings","Password Strength Settings for WooCommerce","3.0.1","Danny Santoro","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielsantoro\u002F","\u003Cp>Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>WooCommerce has an integrated Password Strength Meter which forces users to use strong passwords. Sometimes this isn’t desirable – with this plugin, you can choose between five password levels ranging from “Anything Goes” to “Strong Passwords Only”. In addition, you can modify the colors and appearance of these custom messages, as well as modify or remove the password hint. For details on how the password strength is determined, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDanielSantoro\u002Fwc-password-strength-settings\u002Fwiki\u002FHow-Password-Strength-is-Determined\" rel=\"nofollow ugc\">please read the documentation here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What’s New?\u003C\u002Fh4>\n\u003Cp>Version 3.0.0 is a bit of a rewrite to bring the plugin up to modern coding standards. Functionality should not be impacted, but if it is, please reach out on the support forums.\u003C\u002Fp>\n\u003Cp>Version 3.0.1 is simply a hotfix declaring compatibility with WooCommerce HPOS. Since this plugin doesn’t touch anything with the orders or order metadata, it shouldn’t be impacted at all. \u003Cem>However\u003C\u002Fem>, if you notice any issues then please reach out via the contact form on my website.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>While this does allow for user accounts to have weaker passwords, it’s a good idea to still encourage strong password use – \u003Cem>especially\u003C\u002Fem> for administrators!\u003C\u002Fp>\n\u003Ch4>Planned Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option to remove “- Please enter a stronger password.” that is added by WordPress.\u003C\u002Fli>\n\u003Cli>Nothing else at the moment, but let me know if you have any ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n","Help secure your WooCommerce site by enforcing stronger passwords and taking additional control of your strength requirements.",10000,177306,90,24,"2023-10-11T20:51:00.000Z","6.3.8","5.8",[52,19,20,53,54],"accounts","users","woocommerce","https:\u002F\u002Fdanielsantoro.com\u002Fproject\u002Fwoocommerce-password-strength-settings-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwc-password-strength-settings.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":33,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":17,"download_link":75,"security_score":12,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"expire-user-passwords","Expire User Passwords","1.4.2","Matt Miller","https:\u002F\u002Fprofiles.wordpress.org\u002Fmillermedianow\u002F","\u003Cp>Note: This is a forked version of the now unsupported \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexpire-passwords\u002F\" rel=\"ugc\">Expire Passwords\u003C\u002Fa> plugin. The notes below are copied over from the original plugin and will be updated as relevant updates become available. Please help by contributing to the GitHub repository \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">Expire Passwords\u003C\u002Fa> on GitHub\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fexpire-user-passwords\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Harden the security of your site by preventing unauthorized access to stale user accounts.\u003C\u002Fp>\n\u003Cp>This plugin is also ideal for sites needing to meet certain industry security compliances – such as government, banking or healthcare.\u003C\u002Fp>\n\u003Cp>In the plugin settings you can set the maximum number of days users are allowed to use the same password (90 days by default), as well as which user roles will be required to reset their passwords regularly (non-Administrators by default).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages supported:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Albanian (Shqip)\u003C\u002Fli>\n\u003Cli>Arabic (العربية)\u003C\u002Fli>\n\u003Cli>Armenian (Հայերեն)\u003C\u002Fli>\n\u003Cli>Basque (Euskara)\u003C\u002Fli>\n\u003Cli>Bengali (বাংলা)\u003C\u002Fli>\n\u003Cli>Bulgarian (Български)\u003C\u002Fli>\n\u003Cli>Catalan (Català)\u003C\u002Fli>\n\u003Cli>Chinese Simplified (简体中文)\u003C\u002Fli>\n\u003Cli>Croatian (Hrvatski)\u003C\u002Fli>\n\u003Cli>Czech (Čeština)\u003C\u002Fli>\n\u003Cli>Danish (Dansk)\u003C\u002Fli>\n\u003Cli>Dutch (Nederlands)\u003C\u002Fli>\n\u003Cli>Estonian (Eesti)\u003C\u002Fli>\n\u003Cli>Finnish (Suomi)\u003C\u002Fli>\n\u003Cli>French (Français)\u003C\u002Fli>\n\u003Cli>Galician (Galego)\u003C\u002Fli>\n\u003Cli>Georgian (ქართული)\u003C\u002Fli>\n\u003Cli>German (Deutsch)\u003C\u002Fli>\n\u003Cli>Greek (Ελληνικά)\u003C\u002Fli>\n\u003Cli>Hebrew (עברית)\u003C\u002Fli>\n\u003Cli>Hindi (हिन्दी)\u003C\u002Fli>\n\u003Cli>Hungarian (Magyar)\u003C\u002Fli>\n\u003Cli>Indonesian (Bahasa Indonesia)\u003C\u002Fli>\n\u003Cli>Irish (Gaeilge)\u003C\u002Fli>\n\u003Cli>Italian (Italiano)\u003C\u002Fli>\n\u003Cli>Japanese (日本語)\u003C\u002Fli>\n\u003Cli>Korean (한국어)\u003C\u002Fli>\n\u003Cli>Latvian (Latviešu)\u003C\u002Fli>\n\u003Cli>Lithuanian (Lietuvių)\u003C\u002Fli>\n\u003Cli>Macedonian (Македонски)\u003C\u002Fli>\n\u003Cli>Norwegian (Norsk)\u003C\u002Fli>\n\u003Cli>Persian (فارسی)\u003C\u002Fli>\n\u003Cli>Persian – Afghanistan (دری)\u003C\u002Fli>\n\u003Cli>Polish (Polski)\u003C\u002Fli>\n\u003Cli>Portuguese – Brazil (Português do Brasil)\u003C\u002Fli>\n\u003Cli>Portuguese – Portugal (Português)\u003C\u002Fli>\n\u003Cli>Romanian (Română)\u003C\u002Fli>\n\u003Cli>Russian (Русский)\u003C\u002Fli>\n\u003Cli>Serbian (Српски)\u003C\u002Fli>\n\u003Cli>Slovak (Slovenčina)\u003C\u002Fli>\n\u003Cli>Slovenian (Slovenščina)\u003C\u002Fli>\n\u003Cli>Spanish (Español)\u003C\u002Fli>\n\u003Cli>Swedish (Svenska)\u003C\u002Fli>\n\u003Cli>Tamil (தமிழ்)\u003C\u002Fli>\n\u003Cli>Thai (ไทย)\u003C\u002Fli>\n\u003Cli>Turkish (Türkçe)\u003C\u002Fli>\n\u003Cli>Ukrainian (Українська)\u003C\u002Fli>\n\u003Cli>Urdu (اردو)\u003C\u002Fli>\n\u003Cli>Vietnamese (Tiếng Việt)\u003C\u002Fli>\n\u003Cli>Welsh (Cymraeg)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FMiller-Media\u002Fexpire-passwords\u002Fissues\" rel=\"nofollow ugc\">issues reported\u003C\u002Fa> there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Require certain users to change their passwords on a regular basis.",3000,58543,5,"2026-02-17T09:27:00.000Z","6.9.4","4.0","8.1",[73,74,19,20,53],"login","membership","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexpire-user-passwords.1.4.2.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":12,"num_ratings":30,"last_updated":86,"tested_up_to":87,"requires_at_least":70,"requires_php":88,"tags":89,"homepage":17,"download_link":93,"security_score":94,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"better-passwords","Better Passwords","1.8","bettersecurity","https:\u002F\u002Fprofiles.wordpress.org\u002Fbettersecurity\u002F","\u003Cp>This plugin sets a default minimum password length of 10 characters, to ensure that passwords are suitably long that they are hard to guess.  However, it does not insist on any complexity rules, such as digits and special characters, as length is the most important thing when making a password hard to guess.\u003C\u002Fp>\n\u003Cp>This plugin uses Troy Hunt’s \u003Ca href=\"https:\u002F\u002Fhaveibeenpwned.com\u002FPasswords\" rel=\"nofollow ugc\">Pwned Passwords API\u003C\u002Fa> in order to check a user’s potential password against a corpus of breached passwords.\u003C\u002Fp>\n\u003Cp>The password itself is never sent to any third party, only a partial hash is sent. This means that the password entered will always be private.\u003C\u002Fp>\n\u003Cp>As an added bonus, this plugin also upgrades the hashing algorithm used when storing your password in the database. This is a secure one-way hash created using the \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FBcrypt\" rel=\"nofollow ugc\">Bcrypt\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FArgon2\" rel=\"nofollow ugc\">Argon2\u003C\u002Fa> algorithm.\u003C\u002Fp>\n","Stop use of a bad passwords, including those in the Have I Been Pwned? breached password database",200,39595,"2024-09-28T09:41:00.000Z","6.6.5","7.0",[90,91,19,92,20],"better","haveibeenpwned","pwned","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-passwords.zip",92,{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":12,"downloaded":103,"rating":12,"num_ratings":104,"last_updated":105,"tested_up_to":69,"requires_at_least":106,"requires_php":107,"tags":108,"homepage":112,"download_link":113,"security_score":12,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"password-requirements","WP Password Policy","3.6.1","Teydea Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fteydeastudio\u002F","\u003Cp>\u003Cstrong>WP Password Policy lets you define and enforce password policies for all users on your WordPress site.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set rules for password length, complexity (uppercase, lowercase, digits, special characters), restricted characters, password expiration, and more. The plugin validates passwords on login, registration, password changes, and during active sessions — automatically redirecting users to reset non-compliant passwords.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key benefits:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enforce password length and complexity rules from a single settings page.\u003C\u002Fli>\n\u003Cli>Set password expiration to ensure users update their passwords regularly.\u003C\u002Fli>\n\u003Cli>Require users to confirm their current password before making changes.\u003C\u002Fli>\n\u003Cli>Compatible with WordPress multisite networks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Whether you manage a personal blog, a membership site, or a multisite network, WP Password Policy helps you maintain consistent password standards across all user accounts.\u003C\u002Fp>\n\u003Cp>Learn more at \u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">wppasswordpolicy.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why password policies matter\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Weak passwords remain one of the most common entry points for unauthorized access to WordPress sites. Enforcing password rules helps reduce this risk and supports compliance with security best practices.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Minimum password length\u003C\u002Fstrong> — Set and enforce the minimum number of characters for user passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum password length\u003C\u002Fstrong> — Limit password length to prevent denial-of-service attacks caused by hashing very long passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Password complexity rules\u003C\u002Fstrong> — Require a mix of uppercase letters, lowercase letters, digits, special characters, and a minimum number of unique characters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consecutive username symbols\u003C\u002Fstrong> — Restrict how many consecutive characters from the username can appear in the password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restricted characters\u003C\u002Fstrong> — Block specific characters from being used in passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum password age\u003C\u002Fstrong> — Force users to update their passwords periodically (e.g., every 30 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Minimum password age\u003C\u002Fstrong> — Prevent users from changing their password too frequently, discouraging rapid cycling back to an old password.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Require current password\u003C\u002Fstrong> — Add a “Current Password” field to the user profile screen and validate it before allowing password changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom password hints\u003C\u002Fstrong> — Replace the default WordPress password hint with a policy-specific hint based on active rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Health integration\u003C\u002Fstrong> — A Site Health test reports whether your plugin settings are properly configured.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite\u002Fnetwork support\u003C\u002Fstrong> — Works with both standard and multisite WordPress installations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fai-integration\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">AI integration\u003C\u002Fa>\u003C\u002Fstrong> — On WordPress 6.9+ with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmcp-adapter\u002F\" rel=\"ugc\">MCP Adapter\u003C\u002Fa> plugin, list, configure, and delete password policies through natural language commands from any connected AI provider.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Translation-ready\u003C\u002Fstrong> — Localize the plugin into any language.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PRO Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fpasswords-reuse-prevention\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Prevent password reuse\u003C\u002Fa>\u003C\u002Fstrong> — Block users from reusing their previous passwords, encouraging new, unique passwords every time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Fdedicated-policies-by-user-and-or-role\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Custom password policies per role or user\u003C\u002Fa>\u003C\u002Fstrong> — Assign different password rules for administrators, editors, WooCommerce customers, or specific users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Ffeatures\u002Frestricted-passwords-list\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Block common, weak passwords\u003C\u002Fa>\u003C\u002Fstrong> — Over 100,000 common passwords are blocked, preventing users from choosing easy-to-guess passwords.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrations\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Fwoocommerce\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">WooCommerce integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on WooCommerce login, registration, checkout account creation (including Store API), account details, password change, and password reset forms. Replaces WooCommerce’s built-in password strength meter with your policy rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Fultimate-member\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Ultimate Member integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies within Ultimate Member registration, login, password reset, and password change forms. Disables Ultimate Member’s built-in password strength option to avoid conflicts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Ftutor-lms\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">Tutor LMS integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on Tutor LMS student and instructor registration, login, password change, and password reset forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Flifterlms\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">LifterLMS integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on LifterLMS registration (including checkout), account password change, and password reset forms. Replaces LifterLMS’s built-in password strength meter with your policy rules.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fintegrations\u002Flearnpress\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">LearnPress integration\u003C\u002Fa>\u003C\u002Fstrong> — Enforce password policies on LearnPress registration, login, and password change forms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority support and updates\u003C\u002Fstrong> — Get premium email support and updates.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Learn more about the PRO version at \u003Ca href=\"https:\u002F\u002Fwppasswordpolicy.com\u002Fpricing\u002F?utm_source=WP+Password+Policy\" rel=\"nofollow ugc\">wppasswordpolicy.com\u002Fpricing\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Video Tutorial\u003C\u002Fh3>\n\u003Cp>See the plugin in action:\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F7g_hWHZ4IFs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003Cp>Looking for a way to force users to reset their passwords immediately? Check our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpassword-reset-enforcement\u002F\" rel=\"ugc\">Password Reset Enforcement\u003C\u002Fa> plugin — it lets you require password resets site-wide, by role, or for individual users, with WP-CLI support for automation.\u003C\u002Fp>\n","Define and enforce password policies for your WordPress site with length, complexity, and expiration rules.",5017,1,"2026-03-20T12:49:00.000Z","6.6","7.4",[109,110,19,20,111],"password-policy","password-strength","strong-password","https:\u002F\u002Fwppasswordpolicy.com\u002F?utm_source=WP+Password+Policy","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpassword-requirements.3.6.1.zip",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":32,"downloaded":122,"rating":12,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":17,"tags":127,"homepage":131,"download_link":132,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":133},"wp-double-protection","WP Double Protection","1.2","Maruti Mohanty","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarutim\u002F","\u003Cp>You can see more, on how to use the plugin here in this blog \u003Ca href=\"http:\u002F\u002Fwww.sourcexpress.com\u002Fwp-double-protection\u002F\" rel=\"nofollow ugc\">WP Double Protection\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Plugin’s Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow user to use two different password for the website and thus makes the website extra secure.\u003C\u002Fli>\n\u003Cli>Once the plugin is activated and until the user has not set his second password in the user profile, the second password will be same as the first password.\u003C\u002Fli>\n\u003Cli>Once the second password is set from the user profile, the user would now need to enter the corresponding passwords while login.\u003C\u002Fli>\n\u003Cli>To reset the second password the user has to follow the default lost password link and it will reset the second password to the newly chosen main password and then the user would have to again set a different second password from the user profile\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can also help me make the plugin better by contributing to the plugin in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmarutim\u002Fwp-double-protection\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allows a second password option and thus making your website doubly protected.",2186,2,"2015-10-01T08:31:00.000Z","4.3.34","3.5.1",[128,129,130,20,115],"double-passwords","multiple-passwords","password-protection","http:\u002F\u002Fwww.sourcexpress.com\u002Fwp-double-protection\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-double-protection.1.2.zip","2026-04-06T09:54:40.288Z",{"attackSurface":135,"codeSignals":151,"taintFlows":158,"riskAssessment":159,"analyzedAt":162},{"hooks":136,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":24,"unprotectedCount":24},[137,142],{"type":138,"name":139,"callback":139,"priority":140,"file":141,"line":47},"filter","check_password",10,"wp-bcrypt.php",{"type":143,"name":144,"callback":145,"file":141,"line":146},"action","admin_notices","dep_notice",28,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":157},[],{"prepared":24,"raw":24,"locations":154},[],{"escaped":24,"rawEcho":24,"locations":156},[],[],[],{"summary":160,"deductions":161},"The wp-bcrypt plugin v1.0.1 exhibits a very strong security posture based on the provided static analysis. The absence of any identified attack surface points, dangerous functions, or raw SQL queries indicates a robust development process. Furthermore, the thorough use of prepared statements for any potential SQL interactions and the proper escaping of all outputs are excellent security practices.  The plugin also shows no history of past vulnerabilities, which is a positive indicator.  However, the lack of any capability or nonce checks, while not directly presenting a risk in this specific analysis due to the zero attack surface, could be a concern if the plugin's functionality were to expand or change in the future, potentially introducing new entry points without adequate protection.  Overall, this plugin appears to be developed with security as a high priority, with no immediate exploitable vulnerabilities detected. The primary area for potential improvement, though not a current risk, would be to implement capability checks if new user-facing functionalities are added.",[],"2026-03-16T20:07:47.093Z",{"wat":164,"direct":169},{"assetPaths":165,"generatorPatterns":166,"scriptPaths":167,"versionParams":168},[],[],[],[],{"cssClasses":170,"htmlComments":172,"htmlAttributes":173,"restEndpoints":174,"jsGlobals":175,"shortcodeOutput":176},[171],"updated",[],[],[],[],[],{"error":178,"url":179,"statusCode":180,"statusMessage":181,"message":181},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-bcrypt\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":5,"total_versions":123,"versions":183},[184,190],{"version":5,"download_url":22,"svn_tag_url":185,"released_at":25,"has_diff":186,"diff_files_changed":187,"diff_lines":25,"trac_diff_url":188,"vulnerabilities":189,"is_current":178},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-bcrypt\u002Ftags\u002F1.0.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwp-bcrypt%2Ftags%2F1.0.0&new_path=%2Fwp-bcrypt%2Ftags%2F1.0.1",[],{"version":191,"download_url":192,"svn_tag_url":193,"released_at":25,"has_diff":186,"diff_files_changed":194,"diff_lines":25,"trac_diff_url":25,"vulnerabilities":195,"is_current":186},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-bcrypt.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-bcrypt\u002Ftags\u002F1.0.0\u002F",[],[]]