Application Passwords

What are “Application Passwords” in WordPress?

In WordPress, Application Passwords are a feature designed to provide a secure way for external applications to connect and interact with your WordPress site without using your primary password. This feature ensures that you don’t have to share or expose your main login credentials when integrating third-party tools, apps, or services with your website.

How Do Application Passwords Work?

When you generate an Application Password, WordPress creates a unique, random, and long password specifically for a single application or service. This password gives the designated application access to your site, typically via REST API, without the need for your main account password.

Benefits of Using Application Passwords

There are several advantages associated with the use of Application Passwords:

  • Security: By using application-specific passwords, you avoid sharing your primary WordPress credentials. If a third-party service is compromised, only that specific application password is at risk, not your main password.
  • Control: You can create multiple application passwords for different services. This granularity allows you to revoke access for a specific service without affecting others.
  • Audit: WordPress allows you to see when an application password was last used, helping you monitor and manage external access to your site.

Generating and Managing Application Passwords

To use Application Passwords in WordPress:

  1. Navigate to your user profile within the WordPress dashboard.
  2. Scroll down to the Application Passwords section.
  3. Enter a name for the new password to help you identify its purpose or the application it’s associated with.
  4. Click on “Add New” to generate the password.
  5. Copy and provide this password to the external application or service you wish to grant access.

Remember, each application password should be treated with care. Avoid sharing them recklessly and revoke any passwords that are no longer needed or are associated with services you no longer use.


Application Passwords in WordPress provide a secure method to grant external applications access to your website without compromising your main credentials. By understanding and leveraging this feature, website owners can safely integrate various services while maintaining a high level of security and control over their site’s data.

  • © All rights reserved | Last update April, 2024

Discover many functions on our desktop website