my site is highly based on clients and we want to have very strong password protection for a certain custom type post.

We have a custom type post named “something” and here is it’s declaration:

$args = array (
            'label' => 'Something',
            'singular_label' => 'Something',
            'public' => false,
            'publicly_queryable' => true,
            'show_ui' => true,
            'capability_type' => 'post',
            'hierarchical' => false,
            'rewrite' => array('slug' => "something"),
            'query_var' => false,
            'menu_icon' => 'dashicons-chart-area',
            'supports' => array('title')
    );

I want to make sure anything that’s under slug “something” is password protected and if a post with type “something” has a password set, then it asks users to enter the password.

One problem that I’m encountering with this custom post type declaration is, it doesn’t even ask users to enter a password even if password is set.