Password Protect – Temporary Login Without Password & Password Protect Entire Site

Live Demo | Support

Smart Password Protect is the most powerful and versatile security plugin for WordPress. It combines robust site-wide password protection with a modern temporary login system, giving you complete control over who accesses your website.

Whether you are developing a site in a staging environment, putting your site in maintenance mode, or need to grant temporary admin access to a developer, Smart Password Protect has you covered.

We analyzed the top security plugins in the market and built a better, all-in-one solution. Stop installing multiple plugins for “Maintenance Mode”, “Password Protection”, and “Temporary Logins”. Get it all in one lightweight, high-performance package.

🔥 Key Features Overview

1. 🔐 Password Protect Entire Site (Maintenance Mode)

Lock your WordPress site instantly with a single password. This is perfect for staging sites, private portfolios, or maintenance mode.

• One-Click Protection: Enable or disable protection instantly from the dashboard.
• IP Whitelisting: Allow specific IP addresses (e.g., your office, home, or client) to bypass the password.
• User Role Bypass: Allow Administrators or logged-in users to access the site without a password.
• SEO Friendly: Automatically sends noindex headers to prevent Google from indexing your private/staging content.
• Modern Password Form: A beautiful, responsive login page that looks great on all devices.
• Remember Me: Users can choose to stay logged in for up to 7 days (configurable).
• Customization: Easily customize the look and feel of the password page via CSS.

2. 🔗 Temporary Login Without Password (Magic Links)

Create secure, self-expiring login links to grant temporary admin access without sharing your real credentials.

• Secure Developer Access: Give developers or support agents admin access safely.
• Auto-Expiration: Set links to expire after 1 hour, 1 day, 7 days, or a custom date.
• No Credentials Needed: Users log in simply by clicking the link. No username or password required.
• Role Management: Assign any role (Admin, Editor, Subscriber) to the temporary user.
• Redirect After Login: Automatically redirect users to a specific page (e.g., Settings, Home, or Custom URL).
• Activity Logs: Track exactly when a temporary user logs in, their IP address, and browser.
• Login Limits: Restrict the number of times a link can be used.
• Self-Preservation: Temporary users cannot deactivate or delete the Smart Password Protect plugin itself.
• Profile Lockdown: Temporary users are blocked from editing their profile or creating/deleting other users.

3. 🛡️ Advanced Security & Logs

Keep a close eye on who is accessing your site and ensure maximum security.

• Detailed Audit Trail: View a history of every temporary login, including time, IP, and browser.
• Bot Protection: Blocks search engine crawlers when protection is active.
• Capability Controls: Restrict temporary admins from deleting plugins or themes.
• Smart Validation: Automatically checks for token expiration and usage limits before allowing access.
• Secure Session: Sets a secure, temporary cookie that expires automatically after 1 day.

⚡ Use Cases for Smart Password Protect

⚡ Use Case #1: Secure Staging & Development Environments
Protect your client’s site while it’s under development. Use the “Password Protection” feature to keep the site hidden from the public and search engines (noindex) while allowing you and your client to view progress. This is the professional way to handle staging sites without complex server configurations.

⚡ Use Case #2: Grant Safe Temporary Access to Developers
Need a developer to fix a bug? Don’t share your admin credentials. Instead, generate a “Temporary Login Link” with a specific role and expiration time. They get one-click access, and you get peace of mind knowing the access will auto-expire and they can’t delete your plugins.

⚡ Use Case #3: Maintenance Mode Made Simple
Updating your site or making design changes? Instantly lock the entire site with a single password. You can whitelist your own IP address to keep working while visitors see a professional password page. It’s faster and easier than installing a dedicated maintenance mode plugin.

⚡ Use Case #4: Exclusive Client Portfolios
Showcase your work privately. Password protect your portfolio site and share the password only with prospective clients. This ensures your creative work remains exclusive and confidential until you are ready to show it to the world.

⚡ Use Case #5: Internal Company Documentation
Create a private hub for your team. Restrict access to internal tools, wikis, or resources. With “User Role Bypass”, your logged-in employees can access content seamlessly without entering a password every time, while outsiders remain blocked.

⚡ Use Case #6: Private Family & Personal Blogs
Share personal stories and photos with only those you trust. Set a simple site-wide password so family and friends can view your content while keeping it safe from strangers and bots. It’s the perfect solution for keeping personal memories private.

🚀 Explore Smart Password Protect Features

✅ Complete Site Protection — 100% FREE

What it does: Instantly locks your entire WordPress site behind a secure password screen. Only visitors with the correct password can access your content.
How to use:
1. Navigate to Smart Password Protect > Password Protection.
2. Toggle “Enable Password Protection” to On.
3. Enter your desired password in the “Set Password” field.
4. (Optional) Adjust “Remember Me” duration to control how long users stay logged in.

✅ Secure Temporary Login Links — No Credentials Needed

What it does: Generates a unique “Magic Link” that logs a user in automatically with a specific role and expiration time. Perfect for developers or support agents.
How to use:
1. Go to Smart Password Protect > Temporary Login.
2. Select an expiration time (e.g., 7 Days).
3. (Optional) Click “+ Show Advanced Options” to set a specific User Role or Login Limit.
4. Click Generate Link and copy the URL.

✅ Passwordless Admin Access

What it does: Allows administrators to access the site without entering the protection password, saving time and hassle.
How to use:
1. Go to Smart Password Protect > Password Protection > Permissions.
2. Toggle “Allow Administrators” to On.
3. Now, if you are logged into WordPress as an admin, you will bypass the password screen automatically.

✅ Allow RSS Feeds

What it does: Ensures your RSS feeds remain accessible even when the site is password protected.
How to use:
1. Go to Smart Password Protect > Password Protection > Permissions.
2. Toggle “Allow RSS Feeds” to On.
3. Your RSS feeds (e.g., /feed) will now be publicly accessible without a password.

✅ Allow REST API

What it does: Allows external applications and mobile apps to access your site’s data via the WordPress REST API by bypassing the protection.
How to use:
1. Go to Smart Password Protect > Password Protection > Permissions.
2. Toggle “Allow REST API” to On.
3. Your site’s REST API endpoints (e.g., /wp-json) will now be accessible.
* Note: When disabled, API requests will return a 401 Unauthorized error with the message “Password protection is enabled”.

✅ Smart IP Whitelisting

What it does: Grants instant access to specific IP addresses (like your home or office) so you don’t have to enter a password.
How to use:
1. Go to Smart Password Protect > Password Protection > IP Settings.
2. Click Auto Fill Input to detect your current IP address.
3. Click Add IP to whitelist it. You can add as many IPs as you need.

✅ Temporary Login Log

What it does: View history of temporary login usage and user actions.
How to use:
1. Go to Smart Password Protect > Temporary Login.
2. Click on the Logs tab.
3. View the list of all recent login attempts to ensure no unauthorized access has occurred.

✅ Auto-Cleanup : Expired Links and Temporary Login Log

What it does: Automatically deletes expired temporary login links and users from your database to keep your site clean and secure.
How to use:
1. Go to Smart Password Protect > Temporary Login > Settings.
2. Find the Expired Links Auto-cleanup setting.
3. Set the number of days (e.g., 30 days) after which expired logs and users will be permanently deleted.

🌟 What Makes Us Different?

Feature                 | Smart Password Protect | Competitor A | Competitor B
------------------------|------------------------|--------------|-------------
Password Protection     |           ✅           |      ✅      |      ❌
Temporary Login         |           ✅           |      ❌      |      ✅
Activity Logs           |           ✅           |      ❌      |      ❌
IP Whitelisting         |           ✅           |      ✅      |      ❌
Modern UI (React)       |           ✅           |      ❌      |      ❌

🔜 Roadmap & Upcoming Features

We are constantly working to improve Smart Password Protect. Here are some features coming in the next update:

• Partial Content Protection: Lock specific parts of a post or page using shortcodes like [protect]Content[/protect].
• Granular Protection: Password protect individual Pages, Posts, and Categories.
• WooCommerce Protection: Hide your shop or specific products from the public.
• Password Styles: Customize the look and feel of the password login page with a visual editor.
• Multiple Passwords: Set different passwords for different users or groups.
• Email Notifications: Get notified when someone logs in via a temporary link.

⚡ Reasons Why You Should Opt for Smart Password Protect

⚡ Reason #1: Uncompromising Security & Control
Upgrade your site’s defense mechanisms with ease. Smart Password Protect allows you to lock your entire website instantly with a single password, while offering granular controls like IP Whitelisting and User Role Bypass. Built with advanced encryption and “Self-Preservation” logic, it ensures that temporary users cannot disable the plugin or hijack your site, giving you total peace of mind.

⚡ Reason #2: Eliminate the Risk of Sharing Credentials
Never share your admin username and password again. With our Temporary Login (Magic Links) feature, you can generate secure, self-expiring access links for developers or support agents. These links use cryptographically secure tokens and allow one-click access without requiring any credentials. Once the work is done, the access is automatically revoked, keeping your main admin account completely secure.

⚡ Reason #3: Automated & Hands-Free Management
Say goodbye to manual user cleanup. Set your temporary login links to expire automatically after 1 hour, 1 day, or 7 days. Our intelligent “Auto-Cleanup” system runs in the background to permanently remove expired links and temporary user accounts from your database. This “set it and forget it” approach keeps your site clean and reduces administrative overhead.

⚡ Reason #4: Gain Valuable Insights with Activity Logs
Knowledge is power. Stay informed with our detailed Activity Logs that tracks every single temporary login event. Monitor exactly who accessed your site, when they logged in, their IP address, and even their browser information. This audit trail is essential for security monitoring and ensures you always have oversight of external access.

⚡ Reason #5: Optimized for Speed & SEO
Don’t let security slow you down. Smart Password Protect is engineered to be lightweight and bloat-free, ensuring zero impact on your site’s loading speed. It also automatically handles SEO best practices by sending noindex headers for protected content, preventing Google from indexing staging sites or private pages. Plus, it works seamlessly with major caching plugins like WP Rocket and W3 Total Cache.

⚡ Reason #6: The Ultimate All-in-One Toolkit
Stop cluttering your site with multiple plugins. Smart Password Protect combines robust Maintenance Mode, Site-Wide Password Protection, and Temporary Login functionality into a single, cohesive package. By consolidating these features, you reduce plugin conflicts, save server resources, and simplify your workflow.

⚡ Reason #7: Intuitive & Modern User Experience
We believe security shouldn’t be complicated. Our plugin features a modern, React-powered dashboard that is intuitive and easy to navigate. From generating links to toggling protection, every action is just a click away. The frontend password form is also fully responsive and customizable, ensuring a professional experience for your visitors on any device.

⚡ Reason #8: Built for Developers
Need more control? We’ve got you covered. Smart Password Protect is packed with hooks and filters, allowing developers to customize functionality to fit specific needs. Whether you need to modify bypass rules, control REST API access, or integrate with other tools, our codebase is clean, documented, and developer-friendly.

Check out our other Plugins

Enhance your WordPress site with our other powerful plugins:

• Access Defender – Advanced security plugin to protect your WordPress site from unauthorized access and malicious attacks.
• Contributors Gallery – Showcase your WordPress contributors in a beautiful and customizable gallery layout.
• Product Spotlight Badge – Highlight your WooCommerce products with eye-catching badges to boost sales.
• Redirect After Logout – Redirect users to a custom page after logging out for enhanced user experience.
• Smart Optimizer – Instantly Boost Page Speed with One-Click Optimization
• Random Quote – Daily Inspirational Quotes for WordPress

Quick Start (Recommended)

1. Install from WordPress Dashboard:

   • Go to Plugins > Add New.
   • Search for “Smart Password Protect“.
   • Click Install Now → Activate.

2. Configure in 2 Minutes:

   • Navigate to Smart Password Protect.
   • You will see the main Dashboard with “Manage Features”.
   • Password Protection is enabled by default. Click Settings to configure your password or disable the feature if not needed.
   • Temporary Login is enabled by default. Click Settings to generate magic links or disable the feature if not needed.

Manual Installation

1. Download the plugin zip file.
2. Go to Plugins > Add New > Upload Plugin.
3. Upload and activate the plugin.
4. Follow the configuration steps above.

Configuration Guide

For Site Protection (Maintenance Mode):

1. Go to the Password Protection tab.
2. Toggle “Enable Password Protection”.
3. Enter your desired password.
4. (Optional) Click “Auto Fill Input” and then click “Add IP” in Allow IP Addresses to whitelist yourself.

For Temporary Access (Magic Links):

1. Go to the Temporary Login tab.
2. Choose an expiration (e.g., 7 Days).
   • If you need advanced features, click on “+ Show Advanced Options”.
   • Max Login Limit: Optional. Limit the number of times this link can be used. Leave empty or 0 for unlimited.
   • Role: Select the role for the temporary user (e.g., Administrator).
3. Click Generate Link.
4. Copy the link and share it with your developer or support agent.

Customization Options:

• Bypass Rules – Allow REST API, or logged-in users to bypass protection.
• Auto-Cleanup – Automatically delete expired temporary links.
• Capability Controls – Restrict temporary users from deleting, installing, activating, or deactivating plugins and themes.

1. 

   Dashboard: The central hub to view protection status, enable/disable features, and access settings for Password Protection and Temporary Login.

2. 

   General Settings (Password Protection): Configure site-wide password and "Remember Me" duration.

3. 

   IP Settings (Allowed IPs): Whitelist IP addresses to bypass password protection automatically.

4. 

   Protection Permissions: Control bypass rules for Administrators, logged-in users, RSS, and REST API.

5. 

   Frontend Password Screen: The secure login screen visitors see when the site is protected.

6. 

   Generate Temporary Link: Create magic links with custom expiration, login limits, and role assignment.

7. 

   Manage Links: View and manage all active and expired temporary login links.

8. 

   Temporary Login Settings: Configure global settings, default roles, auto-cleanup intervals, and capability controls (plugins/themes) for temporary users.

9. 

   Activity Logs: Detailed tracking of temporary login usage and user activity.

10. 

    Temporary Access View: The frontend experience when accessing via a temporary login link.

1.1.0

• New Feature: Temporary Login Links – Create magic links with expiration, login limits, and role assignment.
• New Feature: Activity Logs – Track detailed usage history of temporary login links.
• New Feature: Dashboard – Centralized hub for managing plugin features and status.
• New Feature: Advanced Permissions – Granular control over who can bypass protection (RSS, REST API, etc.).
• New Feature: Capability Controls – Restrict temporary users from performing plugin/theme actions.
• Improvement: Refactored codebase for better performance and maintainability.
• Improvement: Real-time settings updates for a smoother user experience.

1.0.1

• Fixed conflicts with other plugins.
• Fixed navigation tab conflicts.
• Improved CSS and JS performance.

1.0.0

• Initial release.