Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Embed URL


Subversion checkout URL

You can clone with
Download ZIP
Custom Post Password Cookie Expiry Time
<?php /*
Plugin Name: Custom Post Password Cookie Expiry Time
Description: WordPress doesn't allow you to customize how long a post password cookie lasts. This plugin allows you to customize that value;
Version: 1.0.0
Author: Alex Mills (Viper007Bond)
Author URI:
* Hook in right before the normal stuff fires in wp-login.php and set the cookie ourself
add_action( 'login_form_postpass', 'login_form_postpass_custom_expiry' );
function login_form_postpass_custom_expiry() {
global $wp_hasher;
if ( empty( $wp_hasher ) ) {
require_once( ABSPATH . 'wp-includes/class-phpass.php' );
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash(8, true);
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 14400, COOKIEPATH );
wp_safe_redirect( wp_get_referer() );

Viper, just to confirm - I paste this in the top of wp-login.php? I completely forgot since Sat when we met.


er...functions.php of my theme...


Yes, your theme's functions.php or a plugin. Either will work.

Side note: here's the core ticket I opened about this issue:


A plugin would probably be better though -- that's what I wrote this code as (the stuff at the top of the code). You can just paste it into a new .php file, upload it to your /wp-content/plugins/ folder, and then activate it. Probably better than using your theme for this.


As of this plugin is no longer needed.

Just hook into the new filter and return your own value.


This code is not working in the latest version of wp 4.3.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.