To access password settings, go to:
WordPress Dashboard → Users → Add New User
or
Dashboard → Users → All Users → Edit User
When creating or updating a user account, Frame automatically generates a secure password. We recommend using the generated password whenever possible because it is long, randomized, and difficult to guess.
WordPress also includes a password strength indicator that rates the password as:
Very Weak — red
Weak — light red
Medium — yellow
Strong — green
For best security, use a password that receives a Strong rating.
Use the Correct User Role
When adding a new user, assign the lowest level of access they need to complete their work. Not every user needs Administrator access. Limiting permissions helps protect the site if an account is ever compromised.
If a user no longer needs access to Frame, remove the user account or change their role instead of leaving unused accounts active.
Recommended Password Managers
We recommend using a trusted password manager to generate, store, and manage secure passwords. Password managers make it easier to use long, random, and unique passwords for every account without needing to memorize them.
Recommended password managers include:
Using a password manager also helps prevent password reuse across multiple websites. This is important because if one account is compromised, reused passwords can put other accounts at risk.
Password Length and Format
Passwords should prioritize length and uniqueness over complicated character rules. A password should be at least 8 characters, with a strong preference for 15 or more characters.
Avoid predictable passwords such as:
Password123!
Admin2026
Welcome1
Frame123
Even though these passwords include uppercase letters, numbers, or symbols, they are still predictable and easier to guess.
For best security, use your password manager to generate a unique password for each Frame account and make sure the password receives a Strong rating from the password strength indicator.
Do Not Share Passwords
Passwords should not be shared through email, text messages, chat, or shared documents. If another person needs access to Frame, create a separate user account for them instead of sharing an existing login.
Change Passwords When Needed
Passwords do not need to be changed on a routine schedule unless there is a reason to believe the password is no longer secure. Change a password if:
The password was shared accidentally
The account may have been accessed by someone else
The same password was used on another website that had a breach
A user no longer needs access to the site
Should I use the password generated by Frame?
Yes. We recommend using the password generated by Frame whenever possible. Generated passwords are long, randomized, and difficult to guess.
What password strength rating should I use?
For best security, use a password that receives a Strong rating from the password strength indicator.
Can I use the same password for multiple Frame accounts?
No. Each account should use a unique password. Reusing passwords increases the risk of multiple accounts being compromised if one password is exposed.
Do I need a password manager?
We strongly recommend using one. Password managers such as Bitwarden, 1Password, and NordPass can generate and store long, unique passwords for each account.
Should users share one login?
No. Each person should have their own user account. This makes it easier to manage access, assign the correct role, and remove access when it is no longer needed.