Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Custom Post Password Cookie Expiry Time
<?php /*
Plugin Name: Custom Post Password Cookie Expiry Time
Description: WordPress doesn't allow you to customize how long a post password cookie lasts. This plugin allows you to customize that value;
Version: 1.0.0
Author: Alex Mills (Viper007Bond)
Author URI:
* Hook in right before the normal stuff fires in wp-login.php and set the cookie ourself
add_action( 'login_form_postpass', 'login_form_postpass_custom_expiry' );
function login_form_postpass_custom_expiry() {
global $wp_hasher;
if ( empty( $wp_hasher ) ) {
require_once( ABSPATH . 'wp-includes/class-phpass.php' );
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash(8, true);
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 14400, COOKIEPATH );
wp_safe_redirect( wp_get_referer() );

Viper, just to confirm - I paste this in the top of wp-login.php? I completely forgot since Sat when we met.

er...functions.php of my theme...


Viper007Bond commented Aug 8, 2012

Yes, your theme's functions.php or a plugin. Either will work.

Side note: here's the core ticket I opened about this issue:


Viper007Bond commented Aug 8, 2012

A plugin would probably be better though -- that's what I wrote this code as (the stuff at the top of the code). You can just paste it into a new .php file, upload it to your /wp-content/plugins/ folder, and then activate it. Probably better than using your theme for this.


Viper007Bond commented Sep 16, 2013

As of this plugin is no longer needed.

Just hook into the new filter and return your own value.

akumar commented Nov 10, 2015

This code is not working in the latest version of wp 4.3.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment