Jump to content

Password Tools 1.0.0

   (0 reviews)

1 Screenshot

About This File

 Additional Requirements php 5.6+

Password Tools

 

password_strength.png.fa2df6f1a42f023780aa308e179cf650.png

This modification mostly follows the principles of Dan Wheelers password strength estimator zxcvbn. It does not weight password strength by their combination of upper/lower letters, special characters and numbers, but on how easy they are to crack in reality.

To increase the safety of your users account, you can force them to use passwords of a minimum length, minimum strength and even force them to exclude certain words from their passwords (like your site name, the topic your site refers to, etc.).

But the other side of the equation, is no matter how secure the password is, if it has been compromised not password strength estimator will help make it better. As such NIST has the following guidance: check passwords against those obtained from previous data breaches. Pwned Password integration does that.

zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative entropy calculations, it recognizes and weighs 10k common passwords, common names and surnames according to US census data, popular English words, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.

Consider using zxcvbn as an algorithmic alternative to password policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".

Features

Show password feature, allow users to toggle to see what they have actually entered.

Show users how strong their passwords really are when it comes to crack-attempts

Deliver instant feedback if password and password-confirm match and/or certain requirements are not met

Force users to choose passwords with a minimum strength

Force users to choose passwords with a minimum length

Force users to chooce a password not containing words from a blacklist you define

No cheating: This modification also controls users passwords on server side with Ben Jeavos php-implementation of zxcvbn.

Easy styling through XenForo Style Properties



User Feedback

You may only provide a review once you have downloaded the file.

There are no reviews to display.

×
×
  • Create New...