Change Woocommerce Default Password Security Level

Change WooCommerce default password security level

The only existing hook setting for that is woocommerce_min_password_strength filter hook. So you can set a custom hook function and lowering this strenght. There is 4 possible settings:

• 3 => Strong (default)
• 2 => Medium
• 1 => Weak
• 0 => Very Weak (anything).

Here is that code:

add_filter( 'woocommerce_min_password_strength', 'reduce_min_strength_password_requirement' );
function reduce_min_strength_password_requirement( $strength ) {
    // 3 => Strong (default) | 2 => Medium | 1 => Weak | 0 => Very Weak (anything).
    return 2; 
}

Code goes in function.php file of your active child theme (or theme) or also in any plugin file.

This code is tested and works.

All other solutions will be complicated and a real development.

Minimum number of characters for password, Wordpress

I found out a solution. But for that I need to make the password weak (in my case Submit button wasn't active if it wasn't at least medium strength) and after that I add the minimum character number. Also I had to change the hit text.

// Change Password Hint
add_filter( 'password_hint', function( $hint )
{
  return __( 'Hint: The password should be at least 8 characters long. Use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' );
} );

add_filter( 'woocommerce_min_password_strength', 'reduce_min_strength_password_requirement' );
function reduce_min_strength_password_requirement( $strength ) {
    // 3 => Strong (default) | 2 => Medium | 1 => Weak | 0 => Very Weak (anything).
    return 1; 
}

add_action('woocommerce_process_registration_errors', 'validatePasswordReg', 10, 2 );

function validatePasswordReg( $errors, $user ) {
    // change value here to set minimum required password chars
    if(strlen($_POST['password']) < 8  ) {
        $errors->add( 'woocommerce_password_error', __( 'Password must be at least 8 characters long. Use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' ) );
    }
    return $errors;
    }

add_action('woocommerce_save_account_details_errors', 'validateProfileUpdate', 10, 2 );

function validateProfileUpdate( $errors, $user ) {
    // change value here to set minimum required password chars
    if(strlen($_POST['password_2']) < 8  ) {
        $errors->add( 'woocommerce_password_error', __( 'Password must be at least 8 characters long. Use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' ) );
    }
    return $errors;
    }

add_action('woocommerce_password_reset', 'validatePasswordReset', 10, 2 );

function validatePasswordReset( $errors, $user ) {
    // change value here to set minimum required password chars -- uncomment the following two (2) lines to enable that
    if(strlen($_POST['password_3']) < 8  ) {
        $errors->add( 'woocommerce_password_error', __( 'Password must be at least 8 characters long. Use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' ) );
    }
    return $errors;
    }

add_action( 'woocommerce_after_checkout_validation', 'minPassCharsCheckout', 10, 2 );
function minPassCharsCheckout( $user ) {
    // change value here to set minimum required password chars on checkout page account registration
    if ( strlen( $_POST['account_password'] ) < 8  ) {
        wc_add_notice( __( 'Password must be at least 8 characters long. Use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).', 'woocommerce' ), 'error' );
    }
}

WooCommerce password strength Change to 6 Char

What I did was a workaround of this code above which completely removed the password check.

But also attaching a jquery and html password strength script (custom) so the frontend still see a password strength indicator but is turned down to 8 character.

This way you can still prevent users from entering 12 as password but also not do something crazy that will reach the wordpress standard of "safe".

---

Related Topics