by Laura Hartwig
Recently I had a client who needed to protect their entire WordPress site with one password. While this seems like it should be an easy task, it isn’t. To my great surprise, there was no plugin out there that does this. You can, of course, protect individual pages or posts with the built-in password protection, or for a members site, you can set up members with their own login. However, I needed a login that no one could change.
There were two problems:
1) The built in password protection only protects individual pages or posts.
2) The regular login protection allows users to change their password. If I was going to be giving out one password for the site, I certainly didn’t want anyone else changing it on me.
I looked everywhere and could not find a solution. I found other people with similar problems. They wanted to set up one username/password so people could see how different parts of their site worked, but invariably, someone would change the password and mess things up for everyone. I also found solutions using php coding, but the coding I found wasn’t working for me, and who wants to get into php coding if they don’t have to?
My solution was to combine three different plugins to give the site the complete protection it needed. The three plugins that I ended up using were:
1) Maven Member
2) Disable Password Reset
3) Disable Password Reset Extended
First of all, I want to say that Maven Member was a much nicer plugin that most of the other member type plugins that I tried. The login page was much easier to customize than Password Protected or Exclusive Content Password Protect or any other plugins I tried. It also allowed you to use your regular header and footer for the site, which is what I wanted, instead of the WordPress login page.
And for most people, that plugin is probably good enough on it’s own. But I wanted to take the security a step further. What if someone realized it was a WordPress site and tried to login through the back? Because I wanted to set up just one user to give out to everyone, the downfall of Maven Member was that users were allowed to edit their profile and change their password. I solved this by using the other two plugins.
Disable Password Reset gets rid of the “Lost your password” link so that people are not able to reset the password through email. Disable Password Reset Extend gets rid of the password reset section of the member profile area. Along with this, you need to be sure to disable the admin bar for that user on the front end and be sure to enable the user as a “Maven Member”. You will also need to be sure to set up all the users you want before enabling the Disable Password Reset Extend plugin because once you do, of course, you cannot add or edit any passwords. You can always disable it to add members, but it is much easier if you have this set up in advance.
Overall, I have to say I was very happy with this easy way to completely protect my site. I’ll admit that this way actually requires a username and password rather than just a password, but it works quite simply. I just wish someone would have figured it out before me so I wouldn’t have had to spend hours looking for the solution. Hopefully, this post will save you some time in protecting your site.