How to Import Users with Hashed Passwords to WordPress

How to Import Users with Hashed Passwords to WordPress

What is Hashed Password?

It is very important that you take the proper precautions not to expose your data when you are developing a website or web application that needs to store user data. Storing user passwords is a very sensitive process for any web application. When you store a user’s password, you must ensure that you have it secured and you don’t expose your user’s password.

Hashing is a process to store passwords in a database by creating representations of actual password characters. It cannot be converted into plain text easily. You may have to migrate your user details including passwords to WordPress. It can be a frustrating and time-consuming task if there is a lot to migrate/ import. While importing user details you have to protect sensitive data like user passwords.

How to import user data?

The simplest way to import user data is by using an extension plugin Import Export WordPress Users. Moreover, this plugin helps to import hashed passwords in the easiest way using a CSV file. You can import hundreds or even thousands of users in the CSV file to the WordPress site using the plugin.

Follow the below steps to successfully import user data including hashed passwords.

Step 1: Install and activate the plugin

  • Download the plugin from here.
  • Go to the WordPress admin page and visit Plugins > Add New page.
  • Click on the Upload Plugin button on top of the page.
  • From the plugin upload form, click on the ‘Choose File’ button and select the plugin file you downloaded earlier to your computer
  • Click on the Install Now button.
  • Once installed, you need to click on the Activate Plugin link to start using the plugin.

Step 2: Prepare CSV file

  • You have to prepare user data as a CSV file with correct column headers.


  • You can download the Sample Exported CSV and update the file (Note: Sample CSV can be downloaded from the plugin’s Help section)
  • Now include a column with column header as wt_hashed and fill with the value Yes. If you are updating the sample CSV wt_hashed column will be there already and you just have to specify the value as Yes or No
  • If you do not have the CSV file prepared, you can use the same plugin to export the data to a CSV file. Or you can use a spreadsheet program of your choice, enter the data, and then save the file with the .csv extension.
  • Make sure that the CSV Import file must be in UTF-8 format.

Sample CSV with hashed column will like this:

Step 3: Import users with hashed passwords

Now you have the proper CSV file and you have successfully installed the plugin. By following the few steps below you can import users with hashed passwords.

  • Navigate to Dashboard > WebToffee Import Export (Basic) > Import
  • Choose User/ Customer as post type and go to step 2.
  • Select the Advanced Import method and upload the prepared CSV file. Move to Step3.
Choosing Advanced import method and uploading sample CSV
  • In the screen, Map import columns, all the standard columns will be mapped with your CSV column names. Click on step 4 to proceed.
Mapping import columns during import of WordPress users
  • In the Advanced options/Batch import step, set the value of Retain user passwords to Yes. This will migrate the user password as is in the hashed format.
Retaining user passwords during import
  • Click on the Import button to finish.

Import history will be shown below after import.

We hope this article helped you learn how to import users with hashed passwords to WordPress.


Hashed passwords can’t be reversed, hacked, or compromised. You can migrate your user details including hashed passwords to WordPress with the help of the Import-Export WordPress users and WooCommerce customers extension.