Application passwords offer a secure way for external applications and services to access your WordPress website. However, managing these passwords is crucial for maintaining site security. This article explains how to delete application passwords using the Passworddelete command within the WordPress Command Line Interface (WP-CLI).
The wp user application-password delete command allows you to revoke access for specific applications or remove all application passwords associated with a user. This is particularly useful for revoking access to compromised applications or when performing routine security audits.
Deleting Specific Application Passwords
To delete a specific application password, you need the user ID and the unique Universally Unique Identifier (UUID) of the password. The UUID is generated when the application password is created.
Execute the following command in your terminal:
wp user application-password delete <user_id> <uuid>Replace <user_id> with the actual user ID and <uuid> with the application password’s UUID. For example:
wp user application-password delete 123 6633824d-c1d7-4f79-9dd5-4586f734d69eUpon successful execution, WP-CLI will confirm the deletion:
Success: Deleted 1 of 1 application password.Deleting All Application Passwords for a User
If you need to revoke all application passwords for a specific user, use the --all flag:
wp user application-password delete <user_id> --allAgain, replace <user_id> with the actual user ID. This command will remove all application passwords associated with that user. WP-CLI will confirm the action:
Success: Deleted all application passwords.Important Considerations
- User Identification: You can identify the user using their ID, login name, or email address.
- Security Best Practices: Regularly review and delete unused or unnecessary application passwords to minimize security risks.
- WP-CLI Access: Ensure you have proper access and permissions to use WP-CLI before executing these commands.
Using the passworddelete command in WP-CLI provides a quick and efficient way to manage application passwords, enhancing the security of your WordPress website. Remember to always prioritize security and revoke access when it’s no longer needed. Regularly auditing and managing application passwords contributes significantly to a more secure online presence.
