wp-password-bcrypt is a WordPress plugin to replace WP’s outdated and insecure
MD5-based password hashing with the modern and secure bcrypt.
It is written by roots.io people.
See Improving WordPress Password Security
for more background on this plugin and the password hashing issue.
- Upload the plugin files to the
/wp-content/plugins/password-bcryptdirectory, or install the plugin through the WordPress plugins screen directly.
- Activate the plugin through the ‘Plugins’ screen in WordPress
- Manual installation as a must-use plugin
If you don’t use Composer, you can manually copy
We do not recommend using this as a normal (non-MU) plugin. It makes it too easy to disable or remove the plugin.
- Check for another password plugin.
- Added license file, excuse me.
- This is the WordPress-stlye version of the original roots wp-password-bcrypt plugin