Disable the Password Strength Meter in WooCommerce

It might be better to decrease the password strength, instead?

It’s not necessarily advised, but forcing strong passwords on your WooCommerce store can sometimes deter customers from processing their order. For the average person, the strength at which WooCommerce/Wordpress require their passwords to be is above and beyond anything the customer will remember. Personally, I use 1password to generate and store all of my passwords, so this is not an issue for me, but your customers may not be as tech-savvy.

Disabling strong passwords should be done at your own discretion, but until WordPress make the password strength parameters editable, I imagine many people will want to do it. You can add the following code to your theme’s functions.php file.

 * Remove password strength check.
function iconic_remove_password_strength() {
    wp_dequeue_script( 'wc-password-strength-meter' );
add_action( 'wp_print_scripts', 'iconic_remove_password_strength', 10 );



James is the founder of Iconic and an experienced WooCommerce plugin developer. He has been featured on numerous WordPress publications.

He is a keen photographer and currently shoots using his favourite mirrorless camera, a Fuji X-T20.

15 Responses

Eugenia Hernandez 6 months ago

Hola James, estoy intentando arreglar la contraseña que le pide woocommerce a los que quieren registrarse. Y encontré este articulo tuyo!!
Te pregunto porque no entiendo mucho de programacion, el codigo debo ponerlo en el archivo Functions.php Ahora ese archivo lo encuentro en Wordpress / Editor de temas / y en el menu de la derecha hago clic en Funciones del tema ( Functions.php)
Está bien si el codigo lo agrego aca: (arriba de //Elementor...)

add_action( 'vc_before_init', 'rhVCSetAsTheme' );
add_action('init','add_rehub_to_vc', 5);
add_action('admin_enqueue_scripts', 'rehub_vc_styles');

//Elementor Init

if ( did_action( 'elementor/loaded' ) ) {
require_once ('functions/el_functions.php');
require_once ('rehub-elementor/templates/remote.php');
function rehub_admin_error_notice() {
$page = (isset($_GET['page'])) ? $_GET['page'] : '';
global $current_user ;
$user_id = $current_user->ID;

Otra pregunta, yo no tengo un tema hijo, es conveniente instale un tema hijo y estos cambios los agregue al hijo?? Estoy trabajando con el tema Rehub

Kenneth admin 6 months ago

Hi Eugenia,

One of the safest ways to add PHP code snippets to your site is by using the Code Snippets plugin which we also recommend if you are not comfortable configuring the core files.

Hope that helps.
Thank you!


Hundreds of cart-abandoners later, a client's customer finally cracks - "I almost bought from the other guys, that password thing on your checkout page is nuts."

Thanks for the snippet. Considering that even the most basic password I could possibly be comfortable using was able to pass the built-in security check... it makes me cringe to disable it but what can you do. It just amazes me that people will choose the path of least resistance over the path of most security, even when their financial information is involved :( Thanks again!

John Darrel 4 years ago

I think that a better solution would be to prevent password-strength-meter from loading in WordPress at all if the user is not logged in.

add_action( 'wp_default_scripts', function($scripts){
if(!is_user_logged_in()) {
return $scripts;
} );

Luke Cavanagh 5 years ago

Why WP and WC by default loads these JS files as HTTP requests on homepage, seems like something that should be changed. I can understand loading on checkout, my account and lost password.


Leave a Reply

Your email address will not be published. Required fields are marked *