Enforce Strong Passwords

MySong
@mysong
10 years ago
155 posts
Currently any user can choose 123456 as a password, making their account more susceptible to hacking.

Many sites enforce the use of strong passwords, where the password must:

1 - Be at least 8 characters long
2 - Contain at least one uppercase letter
3 - Contain at least one lowercase letter
4 - Contain at least one number
5 - Contain at least one symbol

Could also contain backwards compatibility for existing passwords, either to continue to allow them to work or force reset upon next login.
updated by @mysong: 10/31/14 10:06:54AM
michael
@michael
10 years ago
7,714 posts
MySong:....Could also contain backwards compatibility for existing passwords, either to continue to allow them to work or force reset upon next login.

The first bit is easy enough to build. Just needs a listener on the 'form_validate_exit' event to check the password.

But the check against existing passwords is impossible. Passwords are not stored as clear-text in the database, so there is no way to retrieve them to see if they pass the test or not.
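
Added example, not part of the thread and not Jamroom code: a sketch of the five rules from the first post, applied at the two moments the plaintext is available, when a password is set and when it is submitted at login, so a pre-policy account can be flagged for the "force reset upon next login" option. All function names are hypothetical, the ASCII character classes are an assumption, and PBKDF2 stands in for whatever hash the site actually stores.

```python
import hashlib
import hmac
import os
import re

# The five rules from the first post, as (description, test) pairs.
# Assumption: ASCII character classes; whitespace does not count as a symbol.
RULES = [
    ("at least 8 characters long", lambda p: len(p) >= 8),
    ("at least one uppercase letter", lambda p: re.search(r"[A-Z]", p) is not None),
    ("at least one lowercase letter", lambda p: re.search(r"[a-z]", p) is not None),
    ("at least one number", lambda p: re.search(r"[0-9]", p) is not None),
    ("at least one symbol", lambda p: re.search(r"[^A-Za-z0-9\s]", p) is not None),
]

def policy_failures(password):
    """Return the description of every rule the password breaks."""
    return [desc for desc, ok in RULES if not ok(password)]

def hash_password(password, salt=None, rounds=100_000):
    """Salted PBKDF2 hash; a stand-in for the site's real password storage."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)

def set_password(password):
    """Signup or password change: refuse weak passwords before hashing."""
    failures = policy_failures(password)
    if failures:
        raise ValueError("password policy not met: " + "; ".join(failures))
    return hash_password(password)

def login(submitted, stored_salt, stored_hash):
    """Verify against the stored hash, then test the plaintext just submitted.

    Returns (authenticated, must_reset). The stored hash cannot be checked
    against the rules, but the submitted plaintext can, once it has verified.
    """
    _, candidate = hash_password(submitted, stored_salt)
    if not hmac.compare_digest(candidate, stored_hash):
        return False, False
    return True, bool(policy_failures(submitted))

# Constructed sample: a legacy account created before the policy existed.
LEGACY_SALT, LEGACY_HASH = hash_password("123456")
```

The policy result is computed only after the hash comparison succeeds, so a failed login reveals nothing about whether the guessed password would have met the rules.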
MySong
@mysong
10 years ago
155 posts
Even for just going forward such a feature would be good.
brian
@brian
10 years ago
10,148 posts
Just released:

https://www.jamroom.net/the-jamroom-network/forum/announcements/14545/new-and-free-strong-password-module

Hope this helps!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net