Change WooCommerce default password security level

php wordpress woocommerce passwords hook-woocommerce

24,074

Solution 1

The only existing hook setting for that is woocommerce_min_password_strength filter hook. So you can set a custom hook function and lowering this strenght. There is 4 possible settings:

3 => Strong (default)
2 => Medium
1 => Weak
0 => Very Weak (anything).

Here is that code:

add_filter( 'woocommerce_min_password_strength', 'reduce_min_strength_password_requirement' );
function reduce_min_strength_password_requirement( $strength ) {
    // 3 => Strong (default) | 2 => Medium | 1 => Weak | 0 => Very Weak (anything).
    return 2; 
}

Code goes in function.php file of your active child theme (or theme) or also in any plugin file.

This code is tested and works.

All other solutions will be complicated and a real development.

Solution 2

The answer above by @LoicTheAztec works perfectly and is very clear. I'm adding this answer because I'm not sure it's correct to put additional suggestions and code in a comment (sorry if I'm not following proper StackOverflow protocols -- someone please let me know if that's the case!).

Anyway even after changing the password strength requirement I was still seeing the very stern and rather unhelpful password hint demanding twelve characters &c., so I went looking for a way to change that. Here are the two functions I've got running and they're working just as expected.

For the password hint function, thanks to arjenlentz.

// First, change the required password strength
add_filter( 'woocommerce_min_password_strength', 'reduce_min_strength_password_requirement' );
function reduce_min_strength_password_requirement( $strength ) {
    // 3 => Strong (default) | 2 => Medium | 1 => Weak | 0 => Very Weak (anything).
    return 2; 
}

// Second, change the wording of the password hint.
add_filter( 'password_hint', 'smarter_password_hint' );
function smarter_password_hint ( $hint ) {
    $hint = 'Hint: longer is stronger, and consider using a sequence of random words (ideally non-English).';
    return $hint;
}

Solution 3

FYI, that code did not work for me to lower the password requirements. I tried a couple other codes but to no avail. I ended up using this code below to simply remove the password requirement check.

function iconic_remove_password_strength() {
    wp_dequeue_script( 'wc-password-strength-meter' );
}
add_action( 'wp_print_scripts', 'iconic_remove_password_strength', 10 );

Taken from here: https://iconicwp.com/blog/disable-password-strength-meter-woocommerce/

24,074

Author by

Husnain Abbas

Updated on September 22, 2020

Comments

Husnain Abbas over 3 years

I am trying to change the WooCommerce Registration form minimum password strength and I am unable to do much.

Can anyone please share a solution by which I can amend the minimum password strength and allow users to user a password that's 7 characters long and does not need any symbols or capital letters inside it?

Thanks.
Husnain Abbas almost 7 years

thank you for your help. I used some javaascript to fix the issue since I needed to a very specific password criteria. thanks for your help!
LoicTheAztec almost 7 years

@HusnainAbbas You should add an update to your question or directly as an answer with that code and some explanations. This will be useful for the community. Thanks.
Corentin about 5 years

Yes the meter was blocking me on the reset password page
MarkPraschan about 5 years

Note: Contrary to the default hint verbiage, there is NOT a required number or type of characters that correspond to each security level. It is controlled by an open source, pattern-matching algorithm called 'zxcvbn' developed by Dropbox. Link: github.com/dropbox/zxcvbn