{"id":26433,"date":"2013-11-26T22:18:23","date_gmt":"2013-11-26T22:18:23","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/master-post-password\/"},"modified":"2025-04-25T05:46:49","modified_gmt":"2025-04-25T05:46:49","slug":"master-post-password","status":"publish","type":"plugin","link":"https:\/\/ga.wordpress.org\/plugins\/master-post-password\/","author":3606,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.4","stable_tag":"1.4","tested":"6.8.5","requires":"4.7","requires_php":"","requires_plugins":null,"header_name":"Master Post Password","header_author":"Scott Reilly","header_description":"","assets_banners_color":"cdcdcd","last_updated":"2025-04-25 05:46:49","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/www.paypal.com\/cgi-bin\/webscr?cmd=_s-xclick&hosted_button_id=6ARCFJ9TX3522","header_plugin_uri":"https:\/\/coffee2code.com\/wp-plugins\/master-post-password\/","header_author_uri":"https:\/\/coffee2code.com\/","rating":5,"author_block_rating":0,"active_installs":50,"downloads":7728,"num_ratings":4,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1..3":{"tag":"1..3","author":"coffee2code","date":"2019-03-11 05:26:21"},"1.0":{"tag":"1.0","author":"coffee2code","date":"2013-11-26 22:18:23"},"1.0.1":{"tag":"1.0.1","author":"coffee2code","date":"2013-12-17 18:54:16"},"1.0.2":{"tag":"1.0.2","author":"coffee2code","date":"2014-08-26 06:34:09"},"1.0.3":{"tag":"1.0.3","author":"coffee2code","date":"2015-02-19 23:46:50"},"1.1.1":{"tag":"1.1.1","author":"coffee2code","date":"2016-06-26 17:08:24"},"1.2":{"tag":"1.2","author":"coffee2code","date":"2017-02-01 06:24:49"},"1.2.1":{"tag":"1.2.1","author":"coffee2code","date":"2018-05-26 08:35:28"},"1.3.1":{"tag":"1.3.1","author":"coffee2code","date":"2019-06-11 05:03:27"},"1.3.2":{"tag":"1.3.2","author":"coffee2code","date":"2019-11-29 07:10:43"},"1.3.3":{"tag":"1.3.3","author":"coffee2code","date":"2020-05-20 07:57:26"},"1.3.4":{"tag":"1.3.4","author":"coffee2code","date":"2020-09-10 07:38:45"},"1.3.5":{"tag":"1.3.5","author":"coffee2code","date":"2021-04-21 06:39:16"},"1.3.6":{"tag":"1.3.6","author":"coffee2code","date":"2021-10-05 07:06:49"},"1.3.7":{"tag":"1.3.7","author":"coffee2code","date":"2023-09-03 05:41:14"},"1.3.8":{"tag":"1.3.8","author":"coffee2code","date":"2025-02-24 06:44:32"},"1.4":{"tag":"1.4","author":"coffee2code","date":"2025-04-25 05:46:49"}},"upgrade_notice":{"1.4":"

Minor update: converted input field to a password input with toggle to show\/hide the password, sanitized submitted password value, noted compatibility through WP 6.8+ and PHP 8.3+, and updated copyright date (2025)<\/p>","1.3.8":"

Trivial update: prevented translations from containing unintended markup, noted compatibility through WP 6.7+, removed unit tests from release packaging, and updated copyright date (2025)<\/p>","1.3.7":"

Trivial update: noted compatibility through WP 6.3+ and updated copyright date (2023)<\/p>","1.3.6":"

Trivial update: noted compatibility through WP 5.8+ and minor reorganization and tweaks to unit tests<\/p>","1.3.5":"

Trivial update: noted compatibility through WP 5.7+, tweaked some documentation formatting, and updated copyright date (2021)<\/p>","1.3.4":"

Trivial update: Added newlines to output markup, restructured unit test file structure, expanded unit testing, and noted compatibility through WP 5.5+.<\/p>","1.3.3":"

Trivial update: Added TODO.md file, updated a few URLs to be HTTPS, and noted compatibility through WP 5.4+.<\/p>","1.3.2":"

Trivial update: noted compatibility through WP 5.3+ and updated copyright date (2020)<\/p>","1.3.1":"

Trivial update: modernized unit tests, created CHANGELOG.md to store historical changelog outside of readme.txt, noted compatibility through WP 5.2+<\/p>","1.3":"

Minor update: tweaked plugin initialization process, aded more inline documentation, noted compatibility through WP 5.1+, updated copyright date (2019)<\/p>","1.2.1":"

Minor update: fixed unit tests, added README.md, noted GDPR compliance, noted compatibility through WP 4.9+. and updated copyright date (2018)<\/p>","1.2":"

Recommended update: some back-end reimplementation to take advantage of WP 4.7 changes, compatibility is now WP 4.7+ (this version won't work for earlier versions of WP), updated copyright date (2017), and other minor improvements.<\/p>","1.1.1":"

Trivial update: verified compatibility through WP 4.5.<\/p>","1.1":"

Minor update: improved support for localization; verified compatibility through WP 4.4; updated copyright date (2016).<\/p>","1.0.3":"

Trivial update: added more unit tests; noted compatibility through WP 4.1+; updated copyright date<\/p>","1.0.2":"

Trivial update: noted compatibility through WP 4.0+; added plugin icon.<\/p>","1.0.1":"

Trivial update: noted compatibility through WP 3.8+<\/p>","1.0":"

Initial public release.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":4},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":972969,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":972969,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":811069,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":811069,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1..3","1.0","1.0.1","1.0.2","1.0.3","1.1.1","1.2","1.2.1","1.3.1","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","1.4"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":811069,"resolution":"1","location":"assets","locale":""}},"screenshots":{"1":"A screenshot of the Settings<\/code> -> Reading<\/code> admin page showing the \"Master Post Password\" input field."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1930,19044,86,19043,396],"plugin_category":[54],"plugin_contributors":[78189],"plugin_business_model":[],"class_list":["post-26433","plugin","type-plugin","status-publish","hentry","plugin_tags-password","plugin_tags-passworded","plugin_tags-post","plugin_tags-post-password","plugin_tags-privacy","plugin_category-security-and-spam-protection","plugin_contributors-coffee2code","plugin_committers-coffee2code"],"banners":{"banner":"https:\/\/ps.w.org\/master-post-password\/assets\/banner-772x250.png?rev=811069","banner_2x":"https:\/\/ps.w.org\/master-post-password\/assets\/banner-1544x500.png?rev=811069","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/master-post-password\/assets\/icon-128x128.png?rev=972969","icon_2x":"https:\/\/ps.w.org\/master-post-password\/assets\/icon-256x256.png?rev=972969","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/master-post-password\/assets\/screenshot-1.png?rev=811069","caption":"A screenshot of the Settings<\/code> -> Reading<\/code> admin page showing the \"Master Post Password\" input field."}],"raw_content":"\n

Define a master post password that works for all passworded posts, while permitting the original post passwords to also work.<\/p>\n\n

Once the master post password has been provided by a visitor for any passworded post on the site, it applies to unlock all other passworded posts (without needing to provide the master post password again for each such post) until the site's cookies expire in the browser.<\/p>\n\n

There are two means by which the master post password can be defined:<\/p>\n\n

a.) As a constant, C2C_MASTER_POST_PASSWORD<\/code>. This is typically done in wp-config.php like so:<\/p>\n\n

define( 'C2C_MASTER_POST_PASSWORD', 'your_master_post_password' );\n<\/code><\/pre>\n\n
b.) Via the settings field labeled \"Master Post Password\" found on the Settings<\/code> -> Reading<\/code> admin page.<\/p>\n\n
If the constant is defined, it takes precedence and the settings field is NOT<\/em> displayed.<\/p>\n\n
Links: Plugin Homepage<\/a> | Plugin Directory Page<\/a> | GitHub<\/a> | Author Homepage<\/a><\/p>\n\n\n
    \n
  1. Install via the built-in WordPress plugin installer. Or install the plugin code inside the plugins directory for your site (typically \/wp-content\/plugins\/<\/code>).<\/li>\n
  2. Activate the plugin through the 'Plugins' admin menu in WordPress<\/li>\n
  3. Set a master post password\na. via the 'Settings' -> 'Reading' admin menu\nb. (optional; advanced) Set the master post password via C2C_MASTER_POST_PASSWORD<\/code> constant. This also serves to prevent the admin option from being displayed.<\/li>\n<\/ol>\n\n\n
    \n
    Does this work for *all* passworded posts, regardless of their explicitly set post password?<\/h3><\/dt>\n
    Yes.<\/p><\/dd>\n
    Does the explicitly set post password for a given post still work?<\/h3><\/dt>\n
    Yes. A visitor can supply either the post's password or the master post password to access the content.<\/p><\/dd>\n
    Will this require a password for posts that didn't already have a post password configured?<\/h3><\/dt>\n
    No. It only affects posts that already have a post password.<\/p><\/dd>\n
    Does this remove or change the password for passworded posts to the master post password?<\/h3><\/dt>\n
    No. Any explicitly set post password remains unchanged and functional. The master post password is saved separately from posts.<\/p><\/dd>\n
    If I have multiple password protected posts listed, do I need to provide the master post password for each one to view them all (a bit redundant since I obviously know the master post password and it applies to all of them)?<\/h3><\/dt>\n
    No, if you provide the master post password for one post, it'll automatically be applied to all passworded posts until the site's browser cookies expire.<\/p><\/dd>\n
    What happens if I change the master post password?<\/h3><\/dt>\n
    Other than the obvious (the master post password has a new value), all existing users of the old master post password will expire when a browser attempts to view a passworded post. The visitor will have to provide the original post password(s) or the new master post password. If a visitor accessed a passworded post using the post's explicitly set post password, then they will not be affected by a master post password change.<\/p><\/dd>\n
    Is the master post password stored securely?<\/h3><\/dt>\n
    No. As is the case for post passwords in WordPress, the master post password is stored in the database as plaintext. That is unless the master post password is set by a constant, in which case it is never stored in the database and only in the given .php file (typically wp-config.php<\/code>, where other site passwords are defined).<\/p>\n\n
    The master post password is<\/em> shown using a password input field, so it is not visibly exposed to those who may be looking over your should or if you're doing a screenshare while navigating the admin. But you are encouraged to use the constant if you wish to keep the password as private and secure as possible.<\/p><\/dd>\n
    Why can't I see the setting on the \"Reading Settings\" admin page?<\/h3><\/dt>\n
    Are you logged in as an administrative user who can access the \"Settings\" -> \"Reading\" admin page? Is the plugin installed and activated?<\/p>\n\n
    Assuming those are true, have you set a master post password via the C2C_MASTER_POST_PASSWORD<\/code> constant? If so, the admin setting will not be displayed.<\/p><\/dd>\n
    Does this plugin have unit tests?<\/h3><\/dt>\n
    Yes. The tests are not packaged in the release .zip file or included in plugins.svn.wordpress.org, but can be found in the plugin's GitHub repository<\/a>.<\/p><\/dd>\n
    Is this plugin localizable?<\/h3><\/dt>\n
    Yes.<\/p><\/dd>\n
    Is this plugin GDPR-compliant?<\/h3><\/dt>\n
    Yes. This plugin does not collect, store, or disseminate any information from any users or site visitors.<\/p><\/dd>\n\n<\/dl>\n\n\n
    1.4 (2025-04-23)<\/h4>\n\n