Description
Reminds users to change their passwords after a specified number of days.
WordPress Change Password Reminder Email Plugin.
Key Features
1. Automated Password Change Reminders
- Automatically sends emails to users whose passwords haven’t been changed for a specified period
- Configurable threshold for password age (default: 90 days)
- Prevents reminder spam by enforcing a minimum interval between reminders to the same user
2. Comprehensive User Management
- Tracks password age for all WordPress users
- Provides a detailed password status dashboard showing password age and reminder history
- Color-coded indicators for password age (green for recent, yellow for aging, red for outdated)
3. Role-Based Controls
- Target specific user roles for password reminders
- Customize which user groups receive reminders (administrators, editors, authors, etc.)
- Fine-grained control over security requirements for different user types
4. Flexible Email Templates
- Fully customizable email subject and body
- Support for dynamic variables like {username}, {days}, {password_url}, etc.
- Personalized messaging with user-specific information
5. Scheduling Options
- Multiple scheduling frequencies (hourly, twice daily, daily, weekly, monthly)
- Manual trigger option to run password checks on demand
- Reliable WordPress cron integration
6. Admin Tools and Utilities
- Send test emails directly from the settings page
- Force immediate password checks
- Reset plugin settings to defaults with a single click
- User-friendly tabbed interface for easy navigation
7. Security Best Practices
- Encourages regular password rotation for enhanced security
- Helps maintain compliance with security policies
- Reduces risks from compromised or weak passwords
8. Easy Configuration
- Intuitive settings page with jQuery tabs
- No coding required – all settings accessible through the admin interface
- Tooltip help and documentation available within the plugin
9. Clean Installation/Uninstallation
- Properly creates and manages its own database tables
- Complete cleanup on uninstallation with no orphaned data
- Follows WordPress development best practices
Benefits
Enhanced Security: Encourages regular password updates to minimize security risks
Policy Compliance: Helps organizations enforce password rotation policies
User Awareness: Reminds users about security best practices
Customizable: Adaptable to different organization sizes and security needs
Lightweight: Minimal impact on site performance with efficient code
User-Friendly: Simple interface for both administrators and end users
This plugin is perfect for organizations concerned about security, compliance requirements, or simply wanting to encourage good password hygiene among their WordPress users.
WordPress Change Password Reminder Email – FAQ
What does this plugin do?
This plugin tracks when users change their passwords and sends automated reminder emails when passwords haven’t been changed for a specified period. It helps enforce good security practices by encouraging regular password rotation.
Does the plugin work with multisite installations?
Yes, the plugin is compatible with WordPress multisite installations. Each site in the network can have its own settings.
Will this plugin affect my site’s performance?
No, the plugin is designed to be lightweight and only runs periodic checks based on your settings. It has minimal impact on your site’s performance.
Setup and Configuration
How do I install the plugin?
- Upload the plugin files to the /wp-content/plugins/wordpress-change-password-reminder directory
- Activate the plugin through the ‘Plugins’ menu in WordPress
- Configure the settings under ‘Settings > Password Reminder’
How do I set the password age threshold?
Navigate to Settings > Password Reminder > General Settings and enter the desired number of days in the “Password Age Threshold” field. The default is 90 days.
Can I customize the reminder emails?
Yes, you can fully customize both the subject and body of the reminder emails under the “Email Templates” tab. The email template supports various placeholders like {username}, {days}, and {password_url}.
Can I choose which user roles receive reminders?
Yes, under the General Settings tab, you can select which user roles should receive password change reminders. You can include or exclude any WordPress role.
Functionality
How often does the plugin check for passwords that need reminders?
You can set the check frequency to hourly, twice daily, daily, weekly, or monthly in the General Settings tab.
What happens if a user ignores the reminder emails?
The plugin will send additional reminders after the interval you specify in the “Minimum Days Between Reminders” setting. It will continue to send reminders until the user changes their password.
Can I manually trigger a password check?
Yes, there’s a “Run Password Check Now” button in the General Settings tab that will immediately check all users and send reminders as needed.
How can I test that emails are being sent correctly?
You can send a test email to yourself using the “Send Test Email” button in the General Settings tab.
Troubleshooting
Why are some users showing “Unknown” for password age?
This appears for users who have not changed their passwords since the plugin was activated. As users change their passwords, this data will be populated.
Emails are not being sent. What should I do?
Test your WordPress email functionality using the “Send Test Email” button
Check your server’s email configuration
Consider installing an SMTP plugin for more reliable email delivery
The scheduled reminders aren’t running automatically. Why?
WordPress cron jobs require site traffic to trigger. For reliable operation on low-traffic sites, you may need to set up a real cron job to trigger WordPress cron events.
How do I completely remove the plugin and all its data?
To completely remove the plugin and all associated data, delete the plugin through the WordPress admin interface. The uninstall script will remove all settings, database tables, and user metadata created by the plugin.
Advanced Questions
Can I integrate this plugin with other security plugins?
Yes, this plugin works alongside other security plugins without conflicts. It complements other security measures by encouraging good password practices.
Does this track when users change their passwords?
Yes, the plugin automatically records when users change their passwords and uses this information to determine when reminders should be sent.
Does this plugin force users to change their passwords?
No, this plugin only sends reminders encouraging users to change their passwords. It doesn’t force password changes or lock accounts. It’s a reminder tool, not an enforcement tool.
