Free WordPress Plugin: Disable Application Passwords
Launching a free plugin to disable the new Application Passwords feature introduced in WordPress version 5.6.
The plugin is one line of code. Install and activate to completely disable all of the Application Passwords functionality. To re-enable all Application Passwords, simply deactivate/uninstall the plugin. Easy peasy.
Why is this useful?
Why is this plugin useful? Because not every site needs or wants application passwords. Maybe some do, that’s great knock yourself out and enjoy the new WordPress feature. As long as you understand that when enabled, application passwords are available to ALL users, every role including subscribers can make use of application password functionality.
Take a look for yourself. Try logging into default WordPress as a subscriber and viewing the User Profile. Scroll to the bottom of the screen and check it out, looks something like this:
So again, ALL user levels will be able to set and use their own application passwords on your site. If that is not something that you want, for whatever reason, then you can use the free Disable Application Passwords plugin to completely disable all application password functionality. Or if you don’t want to use a plugin, you can disable it using a line of code..
Disable without a plugin
The Disable Application Passwords password uses one line of code to disable the application password feature:
So you can install/activate the plugin, or just add that line to your (child) theme’s
functions.php file. Thank you to the WordPress developers who made this possible. Learn more at WordPress.org.
Learn more and download the latest version:
Feedback welcome in the comments below or send via my contact form.
Hey Jeff – Why would one want to disable Application Passwords? What’s the pros and cons? Also, you may want to link your text to https://make.wordpress.org/core/2020/11/05/application-passwords-integration-guide/
Not every site needs AP. It introduces unnecessary exposure and likely needless functionality. Put it this way: if you need application passwords, then leave enabled. If you do not need them, then you can disable easily.
Also thanks for mentioning the WordPress.org guide. I’ve added a link to the article.