WordPress Password Protection of pages/posts
Password protection is a great way of hiding the content of a few of your posts and pages from general view. Users don’t need to be logged in to see the content – they just need to be given a password by the website owner.
You can password-protect a post or page just by editing the ‘visibility’ before publishing and choosing ‘Password Protected’ instead of ‘Public’.
How to override the default password protection form
The standard format presented to the user is pretty basic – a password field and some text inviting them to enter the password. On most professional websites you will want to customise this message, and perhaps the style of the password form too. WordPress allows you to do this by adding a function and filter to your theme functions.php file to override the default form.
Up until version 3.4, WordPress advocated this code to replace the standard protected post password form.
Password-Protection Problems since WordPress 3.4
WordPress 3.4 retired the wp-pass.php file. This was a subtle change and caught out a lot of website owners. Customised password forms that were added prior to WordPress 3.4 stopped working when the website was upgraded to 3.4, and it’s not always obvious to website owners that this is failing.
If you added your customised password form BEFORE WordPress 3.4, and you have subsequently upgraded your WordPress version, you might just want to check your password-protected pages and posts to make sure they still work. Chances are they won’t!
One solution is to change your theme functions file (/wp-content/your-theme-name/functions.php), replacing the reference to wp-pass.php with wp-login.php?action=postpass. This has worked successfully on one of the sites that I manage.