WordPress 4.3: Two New Features Add Efficiency & Security

I maintain about 15 client sites, and much of that work involves frequent updates to themes, plugins, and WordPress for each site. As part of this process, I try to keep every client up-to-date with the new features in plugins and WordPress as they become available. Usually, a new version of WordPress has one notable feature at most that really matters to WordPress users who aren’t the every-day type of editors.

WordPress 4.3 came out last week, though, and this one has two new, excellent features that all WordPress users should know about and take advantage of. Here they are, in order of my excitement!

New Text Shortcuts

For a long time, there have been keyboard shortcuts in WordPress. ALT + SHIFT + 2 makes a heading 2, ALT + SHIFT + Q makes a blockquote, etc. You can find the full list in the keyboard shortcuts help button:

The Keyboard Shortcuts Help Icon

In version 4.3, WordPress introduced new character shortcuts—you might think of them as a weird type of autocompletion—that you type directly into the editor and are converted to formats. They are fantastic, a total time saver, and also listed in that Keyboard Shortcuts help button.

For example, typing “-” or “*” and a space, automatically becomes the first bullet in an unordered list. “1.” or “1)” starts a numbered list. Here, I’ll do it right now to write out the full list of formatting shortcuts:

  • “-” or “*” + SPACE = bulleted list
  • “1.” or “1)” + SPACE = numbered list
  • ## TEXT = Heading 2
  • ### TEXT = Heading 3
  • ####, #####, ###### = Headings 4, 5, and 6
  • “>” Will turn a paragraph into a blockquote when you start a new paragraph.

Here’s a 20-second video from WordPress.org of those shortcuts in action:

If you ever don’t want the formatting change, just hit BACKSPACE and then keep typing!

These are absolute time savers and worth immediately introducing to your WordPress usage. Go off and try them right now even! I’ll wait here…

Stronger Passwords, Less Thought

…and welcome back. That was fun, right!?

The other big feature that you should ready yourself to encounter is the new password management system. It includes a series of workflow and interface changes that add up to a much more secure set of users.

First, passwords will no longer be emailed to users. Instead, when you get a new user account, the process now mimics the password reset process:

WordPress New User Account Email ("Click link to set your password")

Next, WordPress encourages you to let it set the passwords itself. In fact, it won’t even show you the option at first:

New WordPress "Add New User" form

And if you do click “Show password,” you’ll see it’s a beautiful, randomly generated password:

A randomly generated strong WordPress password

If you shorten it, it might give you a warning:

A short, medium strength password in WordPress

And if you do something I know you know is bad:

WordPress weak password confirmation

That’s right, WordPress now makes you click a checkbox saying “Confirm use of weak password”!

Dealing with those stronger password

Now I know that some of you are staring at that strong password (“leCBVGfoRsi4W)^w(87nTvcY”) and feeling your heart beat out of your chest with anxiety. It’s time to conquer your fears and take this opportunity to improve your password management!

There are lots of “password” managers that will help you automatically save and retrieve your passwords. Many have other great features like form autocompletion, password sharing, and even credit card fraud monitoring.


I’m an avid user of LastPass which works on any operating system and browser and includes a cheap PRO version that even works on smartphones and tablets. Using it requires remembering only a single strong master password. It’s not perfect, but on most sites, I use LastPass to generate a strong password for me and automatically save it. When I return, LastPass automatically fills in my username and password for me!

LastPass can also autofill my credit card information on forms, monitor them for fraud, share passwords with other LastPass users (showing them the password or not), and store other important private information like client FTP and database information. It even monitors sites for hacks and tells me which passwords I should update. An increasing number of sites are even available for one-click password changes via LastPass.

I have over 550 passwords stored in LastPass, most of which are unique and increasingly random. I can’t imagine doing it any other way! Basic LastPass is free, so signup today, and give it a shot. It can even import passwords you’re storing in your browser to get you started.

Other Password Managers

1Password and KeePass are other popular options that I’m sure would serve you well. I know people who use both. What is important is using something other than a single password (or even five), a piece of paper under your keyboard, or that Post-it note on your computer. Those are less secure, more prone to disappearing, and discourage most other security best practices!

Everything Else

There’s a new menu manager in the site Customizer that’s much easier to use on touch devices and a new option for adding your site icon (aka favicon) too! In the editor, the word count is now much more accurate than it used to be. You can read all about all the new changes in WordPress 4.3 or watch this nice intro video:

But you’ve seriously got to try the formatting autocompletions! They’re great :)

Go forth, be secure, and edit with ease!

Note: If you happen to be one of my maintenance plan clients, WordPress 4.3 should be available on your site Monday, August 31.

2 thoughts on “WordPress 4.3: Two New Features Add Efficiency & Security”

    1. That’s a good question, Diana.

      Lifehacker has an article answering this questions (http://lifehacker.com/is-lastpass-secure-what-happens-if-it-gets-hacked-1555511389) and someone asked about it on one of the Security Stackexchange site (http://security.stackexchange.com/questions/45170/how-safe-are-password-managers-like-lastpass).

      LastPass is cloud-based and integrated with browsers, so it certainly is not 100% secure (nothing is). That said, it feels more secure to me than using weak passwords everywhere, and I’ve generally been impressed by how LastPass has handled security concerns. I also use it with Google Authenticator, so that a second temporary password is required to access my “vault.”

      If you don’t want to use a cloud-based manager, the aforementioned KeePass is stored only on your computer. The downside, then, is that you can’t access your passwords everywhere (without saving them back into the cloud and then we’re back where we started!).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.