JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser .
Resource icon
Unmaintained Password Tools
2.3.5
No permission to download
Fix red 'X' next to password may not be removed on a valid password.
Prevent displaying the password comparison checkbox if the feature is disabled
Thanks
@WoodiE for funding the HIBP (pwned password) integration.
Pwned password integration
This allows securely checking if a password has likely been compromised without sharing the password.
See Validating Leaked Passwords with k-Anonymity for details. Warning; contains Maths.
If the API fails, the password is blocked with a generic error message (as it does not log the stack trace as this would leak the user's password into the error log).
Caches API results for at least a day
Pwned password reports the number of breaches, and there is an admincp option to use this to determine if a password is compromised.
New Password checks option.
Allows zxcvbn & pwned password support to be independantly disabled
Only show 'too short' password strength phrase if there is any password
Only show 'password matching' indicator between password/confirmed password fields if there is any password.
Rework failed password reporting to be more consistent
Enable password complexity for admins in admincp
Applies to admin edits.
Default disabled
Fixed that an older XML was used pointing at old code event listener files.
Now maintained by Xon
Installer enforces minimum php 5.4+ version
Rewrite password-meter javascript to reliably find the fields it needs to hook into.
Add password-meter to admincp page when setting a user password
Option to not enforce password complexity rules for setting a user password via the admincp
Add password-meter to lost password page
Use "async" attribute for external scripts, removing the polyfill.
Sorry pre-IE11, go die in a fire.
For ancient browsers, they will ignore the attribute and block the page while downloading the zxcvbn script.
PATCH NOTES
Fixed a php7 error causing registrations and password changes to fail.
Installer
Fixed an error that caused the installer to fail installing some addons, if the server has no file write permission.
Fixed an error that caused the installer to fail installing or updating some addons with database tables.
Forgot to add the installer
PATCH NOTES
Add-On ID has been changed. If you're upgrading from a previous version, please read the notice below.
Some core parts have been rewritten to be more efficient and less vulnerable for bugs (hopefully).
Style properties have been ajusted for a cleaner look.
Features a unified installer used among my Add-Ons to eliminate (un-)installation bugs in the future.
IMPORTANT NOTICE
Upgrading from a previous version:
Go to the style properties page and make a copy of some sort from your modifications made to this addons settings.
Go to the Settings Page and make a copy of some sort of all options.
Upload all content of the 'Upload' folder to your XenForo installation. Overwrite files as necessary.
In your Addon List, hit: "Install Add-On", do not upgrade the previous version.
The Installer will remove the previous version and all deprecated files as necessary.
Head back to the style properties page and restore all your settings.
Head to the options page and restore all your settings.
Fixed the latest error occuring when trying to install this AddOn on XenForo 1.5.3 (Thanks @Xon for suggesting this solution).
Now really doesn't require FontAwesome anymore.
Fixed a bug with non-dictionary matchers causing registration and password-changes to fail when Force Reject is enabled.