This is one of those simple how-tos for WordPress, but I was asked on how it worked, so here ya go. 🙂
Why would you want to do this?
Sometimes you have that post you want to publish, say on a testing blog, that you don’t want all and sundry to read. Of course, you might also have a post on your blog that you only want your close friends to see, and not the whole world. Either way, it is useful to know how it works so that if you need to use it, you have an understanding.
Setting a password
As usual, for the purposes of this demo, I’ll be using my test blog which has the slow TinyMCE editor which lags behind my typing. It’s fun to type the letters then see them about 20 seconds later, but I digress. When you’re writing a post and want to put in a password, all you have to do is look to the right of the editor for the Post Password box in the right-hand column of options.
To set the password, all you need to do is type it in.
From there, just publish the post like normal. When you and your visitors go to your blog, they will see this –
How this works for the user
In the last shot, you’ll see that I have included the next post, which is also password-protected. I did this for a reason – it has a different password to the first post. I’ll explain that a little bit later. However, to get the post to show, all you and those you’ve given the password to will need to do is just put in the password and click submit. If you use Firefox, you may be asked to save the password; I’d just go with Not Now. And now, you can see the protected post –
Now, we reach the sticky wicket and the time when I should advise anyone who is averse to technical explanations to tune out for a moment. 🙂
You’ll notice that the second post has gone back to protected status. There is a simple reason for this – cookies. When you have a protected post and a user enters the password for that post, that password gets stored as a cookie for ten days. This means that any protected post with that password will be visible by anyone who knows the password for one of the posts.
If you use multiple passwords, however, you can only see the posts protected by one password because the cookie that is set has the same name, but the value changes to match the last password you put into the form. If you’re making a lot of protected posts, I personally think that it’s unlikely that you’ll be making separate posts for separate groups of people thus requiring separate passwords, so you’re probably fine using one password for all protected posts.
This ends the technical explanation for those who had tuned out. 🙂
The simple explanation is that if you have two posts with two separate passwords, visitors will only be able to see one post at a time, even if they know the passwords to both. If they have the same password, visitors will be able to see both posts if the know the password.
I should also mention that if you have a password-protected post, this is what readers will see in the RSS feed –
There is no excerpt because this is a protected post.
Other things to note
I did a little bit of testing to see what did and what didn’t work with regards to the password protection. Simply put, if you protect a post, all that will be seen is the prompt. After entering the password, the post acts like normal. If there’s a more tag in there, you will have to click to read more of the post. Also, if you read the site’s feed using something like IE7’s built-in feed reader, you will be able to see unlocked posts in the RSS feed. Other online or offline readers will require you to visit the site to see the post. Also, if the reader accepts it (like Firefox livemarks), the excerpt will show if you have unlocked the post.
All in all, password protecting a post in WordPress isn’t that hard, but if you choose to do it, you should be sure that you trust those you give the password out to, depending on the content you put in the locked posts. As always, if you have something you’d like explained, feel free to drop me a line, and I’ll go through it and learn how to do it, then write a post about it. 😉