WordPress prohibits specific users from modifying passwords


This article illustrates how WordPress prohibits specific users from modifying passwords. Share for your reference. The specific methods are as follows:

Sometimes we hope that some users can’t change their passwords, and some users can change their passwords. Here’s how WordPress forbids specific users to change their passwords.

The method is very simple. Just remove the right to modify the password of this public account. We can add the following code in functions. PHP recorded under the theme:

Copy code

The code is as follows:

$disable_ids = array (2); //User ID prohibiting password modification
global $current_user;
if ( in_array( $current_user->ID, $disable_ids ) ) {
// Background Personal Data Page, Hide Password Input Box
add_filter(‘show_password_fields’, create_function(‘$nopass_profile’, ‘return false;’));

// Prevent password modifications from being submitted by other means
add_action(‘personal_options_update’, ‘no_save_pwd’);
function no_save_pwd( $user_id ) {
if(!emptyempty($_POST[‘pass1’])) $_POST[‘pass1’] = ”;
if(!emptyempty($_POST[‘pass2’])) $_POST[‘pass2’] = ”;
// Prohibit password retrieval
add_filter(‘allow_password_reset’, ‘no_reset_pwd’, 10, 2);
function no_reset_pwd( $allow, $user_id ) {
global $disable_ids;
if ( in_array( $user_id, $disable_ids ) )
$allow = false;

return $allow;

The second line in the first line of the code above is to prohibit users from modifying passwords. If multiple users are prohibited from modifying passwords, multiple IDS can be separated by half-corner commas, such as array (2,10). It should be noted that the user role prohibiting password modification cannot be an administrator, because administrators can enter the background-appearance-editing and modify functio. Code in ns.php.

If you want to prohibit a user from editing personal data, we can refer to the following method. We add the following code in functions. php of the current topic:

Copy code

The code is as follows:

function disable_user_profile() {
if ( is_admin() ) {
$user = wp_get_current_user();
Change if (2 == $user – > ID) // 2 to the user’s ID
Wp_die (‘No Access’);
add_action( ‘load-profile.php’, ‘disable_user_profile’ );

Of course, if you use the user management function of the front desk, the above method will fail.

I hope this article will be helpful to the construction of WordPress.