Compromised Passwords
When you try to login to your website or change your password, your password will be checked against a list of known compromised passwords, and if yours is found on the list, you will need to change it using a strong password before getting in.
If found with a compromised password, you will see this notice on your WordPress login screen, prompting you to update your password using a strong password generator.
Once the password has been updated, you can now successfully log in using a secure password.
Note: Passwords are checked against the list created by Have I Been Pwned. Plaintext passwords are never sent to Have I Been Pwned. Instead, 5 characters of the hashed password are sent over an encrypted connection to their API. Read the technical details here.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article