What does Password Protected for WordPress do?

Password Protected for WordPress allows you to secure your website with a single password. The ultimate password protection plugin protects your WordPress categories, posts, products, and more with the simplest of ease.

What features does Password Protected offer?

Password Protected offers features such as easy setup, setting a description, enabling reCaptcha v2/v3, allowing administrators access, allowing logged-in users access, allowing RSS Feeds access, allowing Rest API access, and customization options.

What does Password Protected Pro offer?

Password Protected Pro offers powerful features such as excluding specific pages and post types from password protection, limiting login attempts, setting a lockdown time, setting usage limits, changing the status of passwords, managing multiple passwords, setting expiry dates for passwords, activity log reports, and priority support.

How does Google reCAPTCHA prevent password abuse?

Google reCAPTCHA v2 or v3 empowers your WordPress website to prevent password abuse against automated software, bots, hackers, etc. This anti-spam tool will allow any real user to access your website easily.

Can I password protect any post type with Password Protected?

Yes, you can include or exclude any post type from password protection. All of this can be done from the back end using a single password.

Life Time Extra Credits Offer

*Add $100 or more to claim

Validity: Nov 24 - Dec 05, 2025

CODE: INSTA41

Password Protected

The ultimate password protection plugin that protects your WordPress site with a single password.

Rating:

4.4

Active Installations:

300000+

Last Updated:

Oct 09, 2025

WordPress Version:

4.6 or higher

Tested up to:

6.8.3

Features Download’s trend Changelog Reviews

Complete Site Protection

Password protect your entire WordPress site with ease for comprehensive security.

Passwordless Admin Access

Simplify the login process for administrators with passwordless access to the WP-admin dashboard.

Add Google reCaptcha

Enhance the security of your password protected screen with Google reCaptcha integration.

IP Address Whitelisting

Specify which IP addresses can access your password protected content for added security.

Author’s Site

2.7.12

Fixed – Fix the Vulnerability issued by WordFence.
Fixed – Translation issue.

2.7.11

Fixed: Translation issue
Improved code optimization.

2.7.10

Optimized code for better performance.
Feedback SDK update.

2.7.9

Improved code optimization.

2.7.8

Fixed: compatibility with WordPress 6.8
Added – Notice on transient/cookies settings recommended by WordFence team.

2.7.7

Fixed – compatibility with elementor.

2.7.6

Fixed: login with transient issue resolved.

2.7.5

Fixed: login with transient issue resolved.

2.7.4

New – Added functionality to login with transient if the cookies are blocked.
Fixed: compatibility with WordPress 6.7

2.7.3

New – Option to view password text in the field while entering.
Improvement – Preserve custom URL parameters on password protected screen.

2.7.2

Fix: Updated depreciated PHP function to make it compatible with the latest PHP version.
Added: Login designer compatibility banner.
Improvement: Implement few UI tweaks.

2.7.1

Fixed – Disabled activity report by default.

2.7

New: Added Password Activity Report to provide weekly insights on access attempts to your protected sites.
New: Added Categoric Tabs and Sub-Tabs User Interface for easy navigation and better user experience.

2.6.8

Fix: Gutenberg compatibility issue fixed – REST API was getting blocked

2.6.7

Security: Patched two security improvements suggested by Wordfence team.
Fix: Updated depreciated PHP function to make it compatible with the latest PHP version.
Compatibility: Improved compatibility with Elementor.

2.6.6

Improvement – Added support for HTML in the above and bottom text displayed in the password screen.

2.6.5.1

Ensured seamless compatibility with the latest WordPress version

2.6.5

Fixed – Login Designer compatibility issues.

2.6.4

Fixed – Added compatibility for PHP version 8.2

2.6.3.2

Update – Feedback library updated

2.6.3.1

Fix – Parse error related to PHP version 7.2

2.6.3

New – Added Freemius SDK integration.
New – Added functionality to login with transient if the cookies are blocked.
Fix – Fixed Redirect Issue from excluded page to password protected page.

2.6.2

Fix – Parse error related to PHP version 7.2

2.6.1

Fix – Parse error related to PHP version 7.2
Update – Link to official Google Re-captcha documentation

2.6.0

Improved admin settings interface and introduced NEW tabs structure.
NEW: Added Google Recaptcha v2 and v3 to make it more secure.
NEW: Added Password Protected top-level admin menu for ease.
NEW: Added option to add text above password Field.
NEW: Added option to add text below password Field.

2.5.3

Improved Settings HTML structure
Added Note regarding compatibility with login designer within dashboard

2.5.2

Made compatibility with Login Designer; Now you can customize the password-protected screen with the customizer using login designer plugin.

2.5.1

Fix – Author name conflict resolved

2.5

Deprecate wp_no_robots and replace with wp_robots_no_robots for WordPress 5.7+

2.4

Add a Nocache header to the login page redirect to prevent the browser from caching the redirect page. Props De’Yonte W.
Remove ‘password-protected’ query from redirects on successful login or logout.
Check “redirect_to” query var is set in hidden form field. Props Matthias Kittsteiner.
Add favicon to password protected login page.

2.3

Adds password_protected_cookie_name filter for the cookie name. Props Jose Castaneda.
Let developers override the capability needed to see the options page via a password_protected_options_page_capability filter. Props Nicola Peluchetti.
Don’t use a “testcookie” POST query as it is blocked by Namecheap (and possibly other hosts).
Fix warnings in W3 validator – script and style “type” attribute not required. Props @dianamurcia.
Translations now via translate.wordpress.org.
Updated URL references. Props Garrett Hyder.

2.2.5

Added password_protected_login_password_title filter to allow customizing the “Password” label on the login form. Props Jeremy Herve.
Fix stray “and” in readme. Props Viktor Szépe.
Update Portuguese translation. Props Jonathan Hult.
Update Russian translation. Props Alexey Chumakov.

2.2.4

Check that $_SERVER['REMOTE_ADDR'] is set.

2.2.3

Restrict REST-API-access only if password protection is active.
Added viewport meta tag to login page.
Added password_protected_show_login filter.
Cookie name is not editable in the admin so display just for reference.
Use default WordPress text domain for “Remember Me” and “Log In” buttons.

2.2.2

Change locked admin bar icon to green.
Fix REST option and always allow access to REST API for logged in users.

2.2.1

Fixed PHP error when calculating cookie expiration date.

2.2

Added admin bar icon to indicate wether password protection is enabled/disabled.
Option to show “Remember me” checkbox. Props Christian Güdel.
REST API access disabled if password not entered.
Admin option to allow REST API access.
More robust checking of password hashes.

2.1

Update caching notes for WP Engine and W3 Total Cache plugin.
Tested up to WordPress 4.8

2.0.3

Declare methods as public or private and use PHP5 constructors.
Show user’s IP address beside “Allow IP Addresses” admin setting.
Add CHANGELOG.md and README.md

2.0.2

Check allowed IP addresses are valid when saving.
Only redirect to allowed domain names when logging out.

2.0.1

Split logout functionality into separate function.
Security fix: Use a more complex password hash for cookie key. Props Marcin Bury, Securitum.

2.0

Added password_protected_logout_link shortcode.
Load ‘password-protected-login.css’ in theme folder if it exists.
Added password_protected_stylesheet_file filter to specify alternate stylesheet location.
Added is_user_logged_in(), login_url(), logout_url() and logout_link() methods.
Added Basque, Czech, Greek, Lithuanian and Norwegian translations.
Better handling of login/out redirects when protection is not active on home page.

1.9

Fixed “Allow Users” functionality with is_user_logged_in(). Props PatRaven.
Added option for allowed IP addresses which can bypass the password protection.
Added ‘password_protected_is_active’ filter.

1.8

Support for adding “password-protected-login.php” in theme directory.
Allow filtering of the ‘redirect to’ URL via the ‘password_protected_login_redirect_url’ filter.
Added ‘password_protected_login_messages’ action to output errors and messages in template.
Updated translations.
Use current_time( ‘timestamp’ ) instead of time() to take into account site timezone.
Check login earlier in the template_redirect action.

1.7.2

Fix always allow access to robots.txt.
Added ‘password_protected_login_redirect’ filter.
Updated translations.

1.7.1

Fix login template compatibility for WordPress 3.9

1.7

Remove JavaScript that disables admin RSS checkbox.
Added ‘password_protected_theme_file’ filter to allow custom login templates.
Add option to allow logged in users.

1.6.2

Set login page not to index if privacy setting is on.
Allow redirection to a different URL when logging out using ‘redirect_to’ query and full URL.

1.6.1

Language updates by wp-translations.org (Arabic, Dutch, French, Persian, Russian).

1.6

Robots.txt is now always accessible.
Added support for Uber Login Logo plugin.

1.5

Added note about WP Engine compatibility to readme.txt
Requires WordPress 3.1+
Settings now have their own page.
Fixed an open redirect vulnerability. Props Chris Campbell.

1.4

Add option to allow administrators to use the site without logging in.
Use DONOTCACHEPAGE to try to prevent some caching issues.
Added a contextual help tab for WordPress 3.3+.
Updated login screen styling for WordPress 3.5 compatibility.
Options are now on the ‘Reading’ settings page in WordPress 3.5

1.3

Added checkbox to allow access to feeds when protection is enabled.
Prepare for WordPress 3.5 Settings API changes.
Added ‘password_protected_before_login_form’ and ‘password_protected_after_login_form’ actions.
Added ‘password_protected_process_login’ filter to make it possible to extend login functionality.
Now possible to use ‘pre_update_option_password_protected_password’ filter to use password before it is encrypted and saved.
Ready for translations.

1.2.2

Show login error messages.
Escape ‘redirect_to’ attribute. Props A. Alagha.

1.2.1

Added a “How to log out?” FAQ.
Only disable feeds when protection is active.

1.2

Use cookies instead of sessions.

1.1

Encrypt passwords in database.

1.0

First Release. If you spot any bugs or issues please log them here.

Premium version is worth it

By Katherine Kern (wmpduvaldar) on September 25, 2025

easy to customize; support is fast

I appreciate the support

By vibrantsystems on September 23, 2025

While it took a while to get the plugin working with my website, the support team was able to assist me through the more technical issues and it now works without a hitch!

Great Customer Support

By alchambers on August 22, 2025

I purchased this as a lifetime license, and decided to try it out. I had compatibility issues between this plugin and MainWP, but Muhammad Usama Azad of the Password Protected team was able to debug the issue quickly and provided a fix. It is appreciated.

Very basic free version, but decent.

By lightwavin on August 6, 2025

This plugin appears to be a good one but quite pricey if you want any features but I understand that the developer has spent time creating this plugin and would like to make some money which is fair. Just discovered one of the developers other plugins which helped do what I needed to do. Thank you!

A Very Useful Plugin

By rpm123abc on July 21, 2025

Easy enough to use and does the job quite well. Password Protected is a helpful plugin that provides quick, reliable site protection without any hassle. Great for staging environments or keeping content private. Highly recommended!

Great WordPress plugin

By dantheman55055 on June 20, 2025

Great WordPress plugin. Been using for years

Good tech support +++++

Very Satisfied – Great Experience

By userman on May 28, 2025

The plugin worked perfectly and did exactly what I needed. I had a great experience with the support as well

Excellent Support

By pproctortrc on May 13, 2025

We love this plugin, as we personalize several pages for specific clients and this allows them to access their pages securely. Muhammad responded quickly when an update to the plugin did not work and resolved it for us quickly.

FREE version is a giant advertisement for pro version

By treeflips on May 11, 2025

Many simple features not available. The free plugin is a comprehensive menu of what the PRO version can do. Annoying waste of time for me. I'm probably inspired to go make my own now.