WordPress at a glance

wp_generate_password() WP 1.0

Generates a random password drawn from the defined set of characters.

This is a pluggable function, and it can be replaced from plugin. It means that this function is defined (works) only after all plugins are connected (included), but before this moment the function has not yet been defined... Therefore, you cannot call this and all functions depended on this function directly from a plugin code. It must be called via hook plugins_loaded or later, for example on hook init.

Function replacement (override) — in a plugin you can create a function with the same name, then it will replace this function.

Works based on: wp_rand()
✈ 1 time = 0.000068s = very fast | 50000 times = 1.32s = fast | PHP 7.0.4, WP 4.4.2
Hooks in function

String. The random password.


wp_generate_password( $length, $special_chars, $extra_special_chars );
The length of password to generate.
Default: 12
Whether to include standard special characters.
Default: true
Whether to include other special characters. Used when generating secret keys and salts.
Default: false

Code of wp generate password: wp-includes/pluggable.php VER 5.0.3

function wp_generate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
	$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
	if ( $special_chars )
		$chars .= '!@#$%^&*()';
	if ( $extra_special_chars )
		$chars .= '-_ []{}<>~`+=,.;:/?|';

	$password = '';
	for ( $i = 0; $i < $length; $i++ ) {
		$password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1);

	 * Filters the randomly-generated password.
	 * @since 3.0.0
	 * @param string $password The generated password.
	return apply_filters( 'random_password', $password );

Related Functions

From tag: password

More from tag: Site security (safety)

No comments
    Hello, !     Log In . Register