WooCommerce Tutorials

Decrease the Strength Required for your WooCommerce Passwords

Following on from the post “Disable the Password Strength Meter in WooCommerce“, it turns out it’s actually possible to decrease the strength required for your customers passwords. This is likely a much better option than disabling it completely, in most scenarios.

The default strength is 3, and can range from 0 (non-existent) to 5 (ridiculously strong). You can change this by adding the following filter in you functions.php file, or adding the code using the Code Snippets plugin:

/**
 * Change min password strength.
 *
 * @author James Kemp (Iconic)
 * @link http://iconicwp.com/decrease-strength-required-woocommerce-passwords/
 * @param int $strength
 * @return int
 */
function iconic_min_password_strength( $strength ) {
    return 2;
}

add_filter( 'woocommerce_min_password_strength', 'iconic_min_password_strength', 10, 1 );
Avatar

James is the founder of Iconic and an experienced WooCommerce plugin developer. He has been featured on numerous WordPress publications.

He is a keen photographer and currently shoots using his favourite mirrorless camera, a Fuji X-T20.

9 Responses

Avatar

Added it to my functions.php of my child theme and it is still asking me for 12 characters in the password field. Is there a way to lower the required character count or modify this warning message? Thanks James

Avatar
Nathan Smeltzer 1 year ago

Hey Eddie. Here's the filter:

add_filter('password_hint', 'change_password_hint');
function change_password_hint( $hint ) {
return __( 'Hint: Your new password hint.' );
}

Now to figure out the exact length/complexity for each password strength value...

Avatar

Thank you James!!

New WooCommerce user here.
We are taking phone orders and creating users for the customer.
It would seem that 8 digits with a mix of upper lower case, numbers and characters would be sufficient but I see Woo is calling this out as weak.
What is the danger of a "weak" password for an individual customer?
Of course they don't have admin access to the site.

Also in a github exchange Jonathan Crowell commented: "Is it possible to give me rundown on what the difference is between 3, 2, and 1. Is it just character length or something else? I have a popup instructing the user about password strength that I'd like to update with the correct info. thanks for this though, just what I was looking for"

I would love to know the answer to that.

Avatar
Funnystuff 2 years ago

An author/credit comment in a 1 line function that's just "return 2"?

Avatar
James Kemp admin 2 years ago

You're welcome to remove it ;)

It's mainly for your own reference when you come back to code later down the line.

Avatar
scottmoyse 4 years ago

Excellent!!! Thanks heaps, this is perfect. Now to figure out changing the text on the password hint.

Leave a Reply

Your email address will not be published. Required fields are marked *