Allow Members to Create Weak Passwords During Reset or Profile Update

By default, the log in, password reset, and member password change features within Paid Memberships Pro all require the same minimum password requirements as core WordPress. If your users are struggling to complete account updates due to strong password rules, you can relax these restrictions.

This guide shows you how to allow weak passwords during “Change Password” or “Password Reset” on your Paid Memberships Pro website. 

Understanding the Code Recipe

The code uses the pmpro_allow_weak_passwords filter. This filter lets developers control whether weak passwords are allowed during user interactions with PMPro forms, such as the Member Profile Edit page and password reset screens.

By applying this filter and returning true, the system skips password strength checks and permits users to save passwords regardless of complexity.

About the Code Recipe

This code recipe enables the use of weak passwords by filtering pmpro_allow_weak_passwords and returning true. It affects all areas where PMPro would normally enforce strong password validation, including the “Password Reset” and “Change Password” pages, allowing users to use weaker passwords if desired. 

Use this recipe if your site prioritizes user convenience over strict password rules or if another system manages authentication requirements.

This change is sitewide and applies to all users.

The Code Recipe

Adding the Recipe to Your Website

You can add this recipe to your site by creating a custom plugin or using the Code Snippets plugin available for free in the WordPress repository. Read this companion article for step-by-step directions on either method.

How to Customize This Code Recipe

By default, this code disables the password strength enforcement included in Paid Memberships Pro on the password reset and change password pages. If you want to enforce a stronger password check, make use of our Require Strong Passwords Add On.