It’s hard to guess, but harder to remember. For customers, you can usually manage 8 to 10 characters while maintaining good security. They may be used to finding combinations of this length on sites such as Facebook and Amazon. For inner peace, you can ask store administrators and employees to provide longer passwords. Their accounts have more sensitive information and more permissions. It is recommended to set it to at least 12 to 20 characters. You can also recommend a password manager for securely storing credentials to help employees and customers.
2. Multiple character types are required. Most customers are accustomed to using uppercase and lowercase letters, and passwords also use numbers. This is a cross platform standard practice, and these regulations can be incorporated into the policy without increasing user friction. Using special characters (such as!, @, & or *) may make passwords more difficult to guess. However, this strategy is more troublesome for users. If you want to play safely, you can make an appointment with the store administrator password. 3. If customers and store administrators who implement the expiration policy reset their passwords regularly, it is almost impossible for attackers to guess the password. However, some users may find this boring and suggest extending the customer’s expiration time.
The expiration policy is not very common on social media or e-commerce websites. You can see this information more often on the websites of organizations that collect highly personalized user information, such as Google and banks. Shoppers may not be familiar with this requirement and can therefore ignore it altogether. However, you can ask for a new password once or twice a year without much protest. This will also be a good excuse to contact our customers. However, the store administrator account contains more sensitive information. Therefore, it is not difficult to set the expiration time from 4 weeks to 6 weeks. For store administrators, you should also consider enabling the dormant WordPress user policy to avoid inactive user accounts threatening the security of e-commerce stores and business websites.
4. Prohibit reuse of passwords this policy prohibits users from reusing expired old passwords. I repeat, some people may find this requirement troublesome, so they are more tolerant to customers than store managers. It is reasonable to prevent customers from reusing the last two passwords. For store managers, you can increase their limit to the last 5 or 6 combinations they use. How to implement the password policy for woocommerce customers? Measures need to be taken before the woocommerce store starts to implement the password policy. This is where wpassword enters.
The plug-in uses WordPress’s own security mechanism to reset and save passwords. It also clearly shows the password policy. Customers don’t have to try to determine what your criteria are. They have clear guidelines for people who are not proficient in technology to understand. The strategy is also generated based on the user role, so that customers can use a simpler password than the store administrator. For details on how to do this, see configuring different password policies by role. After configuring a strong password policy, users will be prompted to follow the policy every time they create a new account or change their password. One of the advantages of our plug-in is to show the user the requirements. By eliminating guesswork in the formula, you don’t need to bother with password and customer account security.
Use custom landing page? Most of WordPress’s electronic products, including woocommerce
