Public, Password Protected or Private Posts?

What is the difference between Public, Password Protected or Private Posts in WordPress?

There might be times when you want to keep your WordPress content for private usage. They can be your personal diary blogs or family photos that shouldn’t be seen by everybody.

Fortunately, WordPress provides a built-in function to determine the visibility of your pages and posts. It gives you full control over your content accessibility. You can make your WordPress pages or posts public to all users, grant access to specific roles only, or even hide them under a password form.

In this post, I will show you the differences between 3 visibility options: Public, Private, and Password Protected Posts. At the end of this article, you can choose which WordPress visibility option best fits your needs.
At the top right corner of the edit screen, you can see the Visibility option under the Publish section.

Underneath it, there are 3 options for you to choose from:

  • Public: The default option. Your post will be viewable to all.
  • Password Protected: Allow you to lock your post with a password. Only those with the correct password are able to open the content.
  • Private: Hides the content from the public completely by sending them to a 404 page when opening it. Only permitted users have access to these posts.

    What Are Differences Between WordPress Public, Private, and Protected Options?

    WordPress Public Content

    The name says it all. “Public” is a default setting for every post/page. If you don’t adjust the visibility, your content will be visible to anyone in the world as soon as it’s published.

  • WordPress Private Content

    If you choose the Private option, only users logged in as admins, editors, and authors can access your content.

  • However, each role has different access permission:
    • Administrator: can view, create, edit, and delete any private post, regardless of who made it.
    • Editor: can view, create, edit, and delete any private post, regardless of who made it.
    • Author: can view, create, edit, and delete their own posts. Authors cannot view or edit private posts created by other users, though.

    When authorized users access private content, they’ll see the “Private:” text before the title.

  • In the meantime, un-authoried users who try to access your private content via its URLs will be redirected to a 404 not found page.
  • The only limitation of setting your posts private is that you cannot grant access to other roles except for the 3 listed ones.

    WordPress Protected Content

    This option allows you to protect your content with a preset password.

    Different from private options, which make your content completely private, this feature creates a password form to shield your protected post. It means everyone can open your protected content if they can enter a correct password.

    Once you check in this option, a box will appear enabling you to key in your password. Make sure your password is strong enough to prevent brute force attacks. Hackers can break passwords like “123” or “abc” in seconds.

  • After implementing protection, only users entering the correct password can access your content.Please note that this function of WordPress is applicable to single pages or posts only. And you can set only one password per protected page or post. This might lead to a leak of security when your users keep sharing the password. Plus, your password will never expire which means that anyone can use it at any time.