Created
May 1, 2026 09:52
-
-
Save paulgoodchild/0c7c8818d419cdcfed6bf637f5b54aeb to your computer and use it in GitHub Desktop.
Shield Security: Force administrator passwords to expire after 90 days
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php declare( strict_types=1 ); | |
| /** | |
| * Shield Security for WordPress: | |
| * Force administrator passwords to expire after 90 days. | |
| * | |
| * Add this to your theme's functions.php file or a custom snippets plugin. | |
| * | |
| * Shield passes: | |
| * - $isExpired: Shield's current password expiry decision. | |
| * - $user: The WP_User being checked. | |
| * - $passAge: The current password age, in seconds. | |
| * - $expireTTL: Shield's configured password expiry timeout, in seconds. | |
| */ | |
| add_filter( | |
| 'shield/user/is_user_password_expired', | |
| function ( bool $isExpired, \WP_User $user, int $passAge, int $expireTTL ) :bool { | |
| if ( \in_array( 'administrator', (array)$user->roles, true ) ) { | |
| $isExpired = $passAge > 90 * \DAY_IN_SECONDS; | |
| } | |
| return $isExpired; | |
| }, | |
| 10, | |
| 4 | |
| ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment