Chykalophia Docs
Giving Chykalophia access

Give WordPress access with an application password

A more secure alternative for granting access to third-party apps or specific API integrations without sharing your main password.

accesssecuritywordpressintermediate

Sometimes, we need to connect external software or a custom script to your WordPress website. Instead of giving that software your actual WordPress admin login and password, WordPress offers a brilliant, secure feature called Application Passwords.

Quick summary

An Application Password is a unique, randomly generated password that can only be used for API requests and integrations, not for logging into the WordPress dashboard. Go to Users → Profile, scroll down to Application Passwords, name it (e.g., "Chykalophia API"), and click Add New. Share that generated password securely with us.

Why use an Application Password?

Intermediate 3 minutes

Application Passwords are an "Architect-level" security move. They are incredibly useful for integrations because:

  1. They are limited: They cannot be used to log into your actual /wp-admin dashboard screen.
  2. They are trackable: You can see exactly when a specific application password was last used.
  3. They are easily revokable: If an integration is no longer needed, you can revoke just that single application password without having to change your own main user password.

Step-by-step instructions

To generate an Application Password, you must already have an Administrator account on your WordPress site.

Log in to your website. Go to your WordPress login page and sign in.

Go to your Profile. In the left-hand menu, hover over Users and click Profile.

Find the Application Passwords section. Scroll down near the bottom of your profile page until you see the section titled Application Passwords.

Name the password. In the "New Application Password Name" box, type something descriptive so you remember what it's for. We recommend naming it Chykalophia API or Chykalophia Integration.

Click Add New Application Password. WordPress will immediately generate a long, random string of characters (e.g., abcd EFGH ijkl MNOP qrst UVWX).

Copy the password immediately. This is the only time WordPress will show you this password. Copy it to your clipboard.

Share it with us securely. Because this is a raw password string, do not email it in plain text. Please use a secure sharing link as outlined in our how to share a password safely guide.

Common questions

Give us WordPress admin access

How to safely add our team as an Administrator in your WordPress dashboard so we can build and maintain your site.

Give us WooCommerce store access

How to safely grant us access to manage and optimize your online store without compromising sensitive customer payment data.

On this page

Why use an Application Password?Step-by-step instructionsCommon questions