How to improve your site security with expiring user passwords
Recently I received another interesting question from one of my clients. She was looking for a simple method of using expiring user passwords on her membership website.
Needless to say, there is a solution ...
But let's start with the obvious question: when and why force your users to periodically change their Wordpress passwords?
Well ... The history of the Internet is the proof: there is no such thing as bulletproof, impenetrable security. Life happens ... and we can read alarming stories on a daily basis.
Obviously, the most efficient protection is always implemented at server level (for example, the SiteProtect platform here at WA), but of course, we are free to use additional plugin-based methods that can help us to keep our sites safe ... For example:
Now here's the thing ... When it comes to unauthorized access, usually a password is involved ... and even the strongest and safest server-level security will become pointless if a user password has been compromised, hacked, stolen, etc ... This is why many websites, banks, agencies, institutions, universities, etc require all users to change their passwords regularly.
The point: if you are running a membership website, an online shop, a multi-user site, etc, you should ask your users to update their passwords after a specific amount of time.
This is why I've decided to create a short tutorial where I will show you how easy is to improve your site security with expiring user passwords.
Here it is: