WordPress Password Protection of pages/posts
Password protection is a great way of hiding the content of a few of your posts and pages from general view. Users don’t need to be logged in to see the content – they just need to be given a password by the website owner.
You can password-protect a post or page just by editing the ‘visibility’ before publishing and choosing ‘Password Protected’ instead of ‘Public’.
How to override the default password protection form
The standard format presented to the user is pretty basic – a password field and some text inviting them to enter the password. On most professional websites you will want to customise this message, and perhaps the style of the password form too. WordPress allows you to do this by adding a function and filter to your theme functions.php file to override the default form.
Up until version 3.4, WordPress advocated this code to replace the standard protected post password form.
Password-Protection Problems since WordPress 3.4
WordPress 3.4 retired the wp-pass.php file. This was a subtle change and caught out a lot of website owners. Customised password forms that were added prior to WordPress 3.4 stopped working when the website was upgraded to 3.4, and it’s not always obvious to website owners that this is failing.
If you added your customised password form BEFORE WordPress 3.4, and you have subsequently upgraded your WordPress version, you might just want to check your password-protected pages and posts to make sure they still work. Chances are they won’t!
One solution is to change your theme functions file (/wp-content/your-theme-name/functions.php), replacing the reference to wp-pass.php with wp-login.php?action=postpass. This has worked successfully on one of the sites that I manage.
It is lovely having the password protected part of WordPress. It was certainly reassuring for our Rotarians when they were new to social media and afraid of giving away personal details!
Thanks for the warning for when you up grade. I wasn’t aware there might be an issue. Off to check it now!
Thanks so much for this helpful info. My password protected pages suddenly stopped working (even thought they were working post-upgrade). The switch to wp-login.php?action=postpass did the trick. I was also able to customize the form on my post-template.php file but it’s quite finicky.
Thanks for letting me know it helped you Jason. I suspect that a lot of people will hit the same problem with password protected pages if and when they jump directly from WordPress 3.3.x to 3.5.
It’s interesting that your password-protected pages seemed to worked for a while after you upgraded WordPress though. Are you using a caching plugin such as W3 Total Cache or WP Super Cache? There’s a chance that you were still serving up some cached pages after your upgrade.
Thank your very much ! it solves my problem too ;-)) \o/
Hi. Your code is actually working but I don’t want it redirected to my wp-login.php file but to that page which contains the password protection. Help please, thanks!
I opened my functions.php but i cant find the wp-pass.php. I even opened it on Word and did a Ctrl+F and still no luck!
There’s a small possibility that the code is in another file in your theme. You could try using something like Notepad++ to search for instances of wp-pass.php in your theme files. Also, if you’re using a child theme, it’s worth checking that it isn’t in there.