Free WordPress Plugin: Disable Application Passwords

Launching a free plugin to disable the new Application Passwords feature introduced in WordPress version 5.6.

The plugin is one line of code. Install and activate to completely disable all of the Application Passwords functionality. To re-enable all Application Passwords, simply deactivate/uninstall the plugin. Easy peasy.

Why is this useful?

Why is this plugin useful? Because not every site needs or wants application passwords. Maybe some do, that’s great knock yourself out and enjoy the new WordPress feature. As long as you understand that when enabled, application passwords are available to ALL users, every role including subscribers can make use of application password functionality.

Take a look for yourself. Try logging into default WordPress as a subscriber and viewing the User Profile. Scroll to the bottom of the screen and check it out, looks something like this:

Subscriber User Profile showing the new Application Passwords feature

So again, ALL user levels will be able to set and use their own application passwords on your site. If that is not something that you want, for whatever reason, then you can use the free Disable Application Passwords plugin to completely disable all application password functionality. Or if you don’t want to use a plugin, you can disable it using a line of code..

Disable without a plugin

The Disable Application Passwords password uses one line of code to disable the application password feature:

add_filter('wp_is_application_passwords_available', '__return_false');

So you can install/activate the plugin, or just add that line to your (child) theme’s functions.php file. Thank you to the WordPress developers who made this possible. Learn more at WordPress.org.

Download

Learn more and download the latest version:

Feedback welcome in the comments below or send via my contact form.

About the Author

Jeff Starr = Web Developer. Security Specialist. WordPress Buff.