WordPress at a glance

wp_generate_password() WP 2.5.0

Generates a random password. You can specify the length and what characters to use.

Uses wp_rand() is used to create passwords with far less predictability than similar native PHP functions like rand() or mt_rand().


String. The random password.

This is a pluggable function, and it can be replaced by a plugin. It means that this function is defined (works) only after all plugins are loaded (included), but before this moment this function has not defined. Therefore, you cannot call this and all functions depended on this function directly from a plugin code. They need to be called on plugins_loaded hook or later, for example on init hook.

Function replacement (override) — in a plugin you can create a function with the same name, then it replace this function.

Works based on: wp_rand()
1 time = 0.000068s = very fast | 50000 times = 1.32s = fast | PHP 7.0.4, WP 4.4.2
Hooks from the function


$password = wp_generate_password( $length, $special_chars, $extra_special_chars );
Password length. The number of characters in the password.
Default: 12
Whether to include standard special characters: !@#$%^&*()
Default: true
Whether to include other special characters. Used when generating secret keys and salts: -_ []{}<>~`+=,.;:/?|
Default: false


#1 Generate a password and display it

Various examples of password generation:

echo wp_generate_password();                 // @iU!ZnjUWZsg
echo wp_generate_password( 15, false );      // YdD6j750MeiOkPa
echo wp_generate_password( 15, true, true ); // .WfvgX6`V^Vg:,_

Список изменений

С версии 2.5.0 Введена.

Code of wp_generate_password() WP 5.5.1

function wp_generate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
	$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
	if ( $special_chars ) {
		$chars .= '!@#$%^&*()';
	if ( $extra_special_chars ) {
		$chars .= '-_ []{}<>~`+=,.;:/?|';

	$password = '';
	for ( $i = 0; $i < $length; $i++ ) {
		$password .= substr( $chars, wp_rand( 0, strlen( $chars ) - 1 ), 1 );

	 * Filters the randomly-generated password.
	 * @since 3.0.0
	 * @since 5.3.0 Added the `$length`, `$special_chars`, and `$extra_special_chars` parameters.
	 * @param string $password            The generated password.
	 * @param int    $length              The length of password to generate.
	 * @param bool   $special_chars       Whether to include standard special characters.
	 * @param bool   $extra_special_chars Whether to include other special characters.
	return apply_filters( 'random_password', $password, $length, $special_chars, $extra_special_chars );

Related Functions

From tag: password

More from tag: Site security (safety)

vladlu 100vlad.lu
Editors: kama 100
No comments
    Log In . Register