PHPackages soderlind/passwp-posts - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. soderlind/passwp-posts ActiveWordpress-plugin[Security](/categories/security) soderlind/passwp-posts ====================== Password protects all pages and posts except the front page 1.4.3(3mo ago)1313↑50%GPL-2.0+PHPPHP >=8.3CI passing Since Dec 11Pushed 3mo agoCompare [ Source](https://github.com/soderlind/passwp-posts)[ Packagist](https://packagist.org/packages/soderlind/passwp-posts)[ Fund](https://paypal.me/PerSoderlind)[ RSS](/packages/soderlind-passwp-posts/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (4)Versions (33)Used By (0) PassWP Posts ============ [](#passwp-posts) A simple password protection plugin for WordPress—no usernames, no accounts, just one shared password. Share the password with those who need access and they're in. Perfect for situations where you need quick, hassle-free access control without user management. When to Use This Plugin ----------------------- [](#when-to-use-this-plugin) PassWP Posts is ideal when you need **simple shared access** without the overhead of user accounts: - **Staging Sites** — Share a password with clients to preview their site before launch - **Client Portals** — Protect project documentation or deliverables with a single password - **Pre-launch Sites** — Keep your "Coming Soon" site private while you finish development - **Private Blogs** — Share personal content with family or friends using one easy password - **Internal Resources** — Protect company wikis or documentation from public access - **Event Websites** — Limit access to event details, schedules, or member areas - **Photography Galleries** — Share client proofs with a simple password (no login required) - **Educational Content** — Protect course materials for a class or workshop > **Note:** This is NOT a membership or user management plugin. If you need individual user accounts, different access levels, or tracking who accessed what, use a membership plugin instead. Features -------- [](#features) - **One Password, No Username** — Visitors just enter the password—no account creation, no login forms - **Front Page Always Public** — Your homepage remains accessible to everyone - **Logged-in User Bypass** — WordPress users (editors, admins) skip the password prompt - **Flexible Protection** — Protect all content (with exclusions) or only selected pages/posts - **Customizable Form** — Match your brand with colors, typography, logo, and preset themes - **Remember Me** — Visitors stay authenticated for a configurable duration - **Secure** — Uses WordPress-native password hashing and secure cookies Installation ------------ [](#installation) - Download [`passwp-posts.zip`](https://github.com/soderlind/passwp-posts/releases/latest/download/passwp-posts.zip) - Upload via Plugins > Add New > Upload Plugin - Activate the plugin. Plugin [updates are handled automatically](https://github.com/soderlind/wordpress-plugin-github-updater#readme) via GitHub. No need to manually download and install updates. Configuration ------------- [](#configuration) Go to **Settings → PassWP Posts** to configure the plugin. ### General Settings [](#general-settings) [![General Settings Screenshot](general-settings.png)](general-settings.png) SettingDescription**Enable Protection**Toggle password protection on or off for your entire site**Password**The shared password that visitors must enter to access any protected content on your site**Remember Me Duration**Number of days the browser will remember the password so visitors don't need to re-enter it (default: 30 days)**Protection Mode**Choose between protecting all pages and posts (with optional exclusions) or protecting only specific selected content**Excluded Pages/Posts**When "Protect all" is selected: choose specific pages or posts that should remain publicly accessible without a password**Protected Pages/Posts**When "Protect selected" is chosen: select the specific pages or posts that require password protection### Customize Settings [](#customize-settings) [![Customize Settings Screenshot](customize-settings.png)](customize-settings.png) SettingDescription**Preset Themes**Quick-apply a complete theme with one click: Default Purple, Business Blue, or Dark Mode**Background**Customize the page background with a solid color, gradient blend, or upload a background image**Card Styling**Style the password form card: background color, corner radius, and drop shadow intensity**Logo**Upload your company or site logo to display above the password form, with adjustable width**Typography**Customize the heading text, text colors, and choose from available font families**Button**Style the submit button: custom text, background and hover colors, and corner radius**Form Options**Toggle the "Remember Me" checkbox visibility and set the input field corner radius**Footer**Add custom footer text below the form with an optional link URLHow It Works ------------ [](#how-it-works) 1. When a visitor tries to access a protected page or post, they are shown a password form 2. If they enter the correct password, a secure cookie is set 3. The cookie allows them to browse freely for the configured duration 4. Logged-in users are never prompted for a password (**use incognito or private browsing mode to test protection**). 5. The front page is always public regardless of protection mode Security -------- [](#security) - Passwords are stored using `wp_hash_password()` (same as WordPress user passwords) - Cookies contain a SHA256 hash of the password hash combined with `wp_salt('auth')` - All form submissions are protected with WordPress nonces - Admin actions require `manage_options` capability Development ----------- [](#development) ### Requirements [](#requirements) - PHP 8.3+ - WordPress 6.8+ ### Running Tests [](#running-tests) **PHP Tests (PHPUnit with Brain\\Monkey):** ``` composer install composer test ``` **JavaScript Tests (Vitest):** ``` npm install npm test ``` ### Building Translations [](#building-translations) ``` # Generate POT file wp i18n make-pot . languages/passwp-posts.pot # Generate MO file from PO wp i18n make-mo languages/passwp-posts-nb_NO.po # Generate PHP translation file (WordPress 6.5+) wp i18n make-php languages ``` Directory Structure ------------------- [](#directory-structure) ``` passwp-posts/ ├── assets/ │ ├── css/ │ │ ├── admin.css │ │ ├── customize-admin.css │ │ └── password-form.css │ ├── js/ │ │ ├── admin.js │ │ └── customize.js │ └── vendor/ │ └── select2/ ├── includes/ │ ├── class-admin-settings.php │ ├── class-cookie-handler.php │ └── class-protection.php ├── languages/ │ ├── passwp-posts.pot │ ├── passwp-posts-nb_NO.po │ ├── passwp-posts-nb_NO.mo │ └── passwp-posts-nb_NO.l10n.php ├── templates/ │ └── password-form.php ├── tests/ │ ├── js/ │ └── php/ ├── passwp-posts.php ├── composer.json ├── package.json └── README.md ``` Hooks ----- [](#hooks) ### Filters [](#filters) ``` // Modify the password form template path add_filter( 'passwp_posts_form_template', function( $template ) { return get_stylesheet_directory() . '/passwp-posts-form.php'; }); ``` Translations ------------ [](#translations) The plugin is translation-ready with the text domain `passwp-posts`. Available translations: - English (default) - Norwegian Bokmål (nb\_NO) License ------- [](#license) GPL v2 or later Changelog --------- [](#changelog) See [CHANGELOG.md](CHANGELOG.md) for a detailed list of changes. ### Health Score 44 — FairBetter than 92% of packages Maintenance78 Regular maintenance activity Popularity17 Limited adoption so far Community6 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~3 days Total 17 Last Release 115d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/1649452?v=4)[Per Søderlind](/maintainers/soderlind)[@soderlind](https://github.com/soderlind) --- Top Contributors [![soderlind](https://avatars.githubusercontent.com/u/1649452?v=4)](https://github.com/soderlind "soderlind (72 commits)") --- Tags passwordwordpress-plugin ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/soderlind-passwp-posts/health.svg) ``` [![Health](https://phpackages.com/badges/soderlind-passwp-posts/health.svg)](https://phpackages.com/packages/soderlind-passwp-posts) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41478.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 87117.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption)[paragonie/hidden-string Encapsulate strings in an object to hide them from stack traces 7410.6M39](/packages/paragonie-hidden-string) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)