Managing WordPress application passwords with WP Cerber Security wpcerber.com

Using application passwords as a security measure was introduced in WordPress 5.6. This feature enables your users to generate and use separate passwords for accessing website APIs such as REST API. Although using application passwords brings an additional security barrier, the default WordPress implementation of application passwords is minimalistic and has several security issues. For instance, WordPress application passwords have no protection against brute-force attacks. Standard, interactive user passwords can still be used to access website APIs. In this article, we show you how to use WP Cerber to manage, monitor the usage of application passwords, and how to be notified when a user creates one.