WordPress How To’s – Forcing All Users Logout

WordPress How To’s – Forcing All Users Logout

Adam Morgan

Do you think that your WordPress account may have been hacked? Then you will want to make sure that you force log out of all users on your website. Or, you may just simply need all of your logged in users to re-login. Other scenarios where you may feel the need to do this is if you suspect people of sharing passwords to access your website or if you are using a public with no VPN service. There is no default way to do this and so there are a few steps that you will need to do to achieve this.

Forcing Log Out of All WordPress Users

The first thing you will be required to do to force the logout of all WordPress users is connect your site using FTP or with File Manager in cPanel. You should then be able to find the wp-config.php file in the root folder. Right click and choose ‘Edit.’ This will open the file in a text editor.

Once inside this file, you will then see the code block. Each of the lines in the code block are named authentication keys and salts. The next thing you will need to do is go to the WordPress Salts generator page. Here, this page creates at random new key strings and you can use these within the file. These existing keys then need to be replaced by the newly generated keys. Once you have done this, you must save the changes and then upload the wp-config file back to the server. When you change the salts, all of your WordPress users will automatically be logged out and will have to re-login to access the site.

How to Improve Password Security on WordPress

The simple truth is that most users will have a weak and easy to hack password for any WordPress site that is a membership style of the site or where users register their details. When passwords are too easy to hack, this poses a security risk to your website. If you think your WordPress site has been hacked, you will not only want to force re-login of users, you may also want them to generate new passwords.

The easiest way to solve the problem of users simply using the same weak passwords again is to enforce the use of strong passwords. A commonly asked question here though is how to remember these tricky passwords. There are now plenty of great apps that you can use that will manage your passwords for you. These strong passwords will help reinforce the safety and security of your WordPress website and will discourage hackers from attacking your site.

Have you had to force re-logins or password changes on your WordPress website? If so, let us know what challenges you faced in the comments!