WordPress: How to remove "Lost your password?" link from login page and disable password reset

If you run a WordPress site and want to increase security by removing the “Lost your password?” link from your login page and also disable the password reset functionality, you’ve come to the right place. I’ll show you how to to do either, or both.

How to remove the “Lost your password?” link from your WordPress login page:

  • Login to your WordPress site as an admin
  • Go to Appearance > Editor
  • Select the functions.php template
  • Copy and paste the code below at the end of the file
  • Save the file by clicking “Update File”
// Remove lost password url from login page
function remove_lostpassword_text ( $text ) {
         if ($text == 'Lost your password?'){$text = '';}
                return $text;
         }
add_filter( 'gettext', 'remove_lostpassword_text' );

How to disable password reset for all users:

Removing the “Lost your password?” link on the login page does not stop people from manually entering the lost password url to use it anyway. The result of enabling the code below will kick back an error when anyone tries to use the form.

How to disable password reset for all users:

  • Login to your WordPress site as an admin
  • Go to Appearance > Editor
  • Select the functions.php template
  • Copy and paste the code below at the end of the file
  • Save the file by clicking “Update File”
// Disable password reset for all users
function disable_password_reset() {
              return false;
              }
add_filter ( 'allow_password_reset', 'disable_password_reset' );