Password Requirements [Paid] [Deleted]

[Liam W]

Liam W submitted a new resource:

Password Requirements - Passwords matter...

This add-on allows you set requirements for passwords created by your users. It also allows you to force individual users, or all users, to change their passwords.

The requirements available are:

• Maximum password age (must change password after x days)
• Minimum password age (can't change password until x days have passed)
• Minimum & maximum password length
• Password regex (advanced password rules)
• Windows password complexity requirements match

The windows password...

Read more about this resource...

 

[oman]

Hi Liam,

Considering getting this. I have two questions?

1) What does the windows password requirements relate to exactly? What exactly are the requirements?
2) Does this consider not allowing users to use a password they have used before? Would this be something you are already planning for this add on?

 

[Liam W]

1) What does the windows password requirements relate to exactly? What exactly are the requirements?

At least 8 characters
At least one number
At least one uppercase letter
Doesn't contain username

2) Does this consider not allowing users to use a password they have used before? Would this be something you are already planning for this add on?

I'm planning it, however figuring out how to store the old passwords is a pain. I'll try and work on it this week.

Liam

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Password History

This version adds support for password history.

This means you can specify a number of passwords to 'remember', and a user will not be able to change their password to one of the remembered ones.

This version also hardcodes the fact that you cannot change your password to your current password.

Read the rest of this update entry...

 

[Liam W]

Hi Liam,

Considering getting this. I have two questions?

1) What does the windows password requirements relate to exactly? What exactly are the requirements?
2) Does this consider not allowing users to use a password they have used before? Would this be something you are already planning for this add on?

The latest update adds password history

Liam

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

New Features: Min & Max Special Characters, Bypass Permission

• Minimum & Maximum special characters
• Bypass Password Requirements permission
• Changed order of a few checks

Read the rest of this update entry...

 

[adwade]

What is XenForo's default Maximum Password length, and what does this add-on allow for a declared maximum amount?

 

[Robust]

Could also add a blacklist for passwords people can't use, and allow imports via text files (so import common passwords e.g. password, 123456 and not allow those).

 

[Liam W]

What is XenForo's default Maximum Password length, and what does this add-on allow for a declared maximum amount?

I don't believe there is an upper limit, as the password hash is stored in a binary field in the database.

Could also add a blacklist for passwords people can't use, and allow imports via text files (so import common passwords e.g. password, 123456 and not allow those).

I am currently working on this

Liam

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Password Blacklist

Added a password blacklist feature. You can define words (or phrases) that are blacklisted as passwords.

Note: The blacklisted words are exact match only.

Read the rest of this update entry...

 

[Liam W]

Could also add a blacklist for passwords people can't use, and allow imports via text files (so import common passwords e.g. password, 123456 and not allow those).

Added

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Bug Fixes

• Fix install on newer XenForo versions
• Fix long-broken display of error message when password change is forced

Read the rest of this update entry...

 

[david3663]

I seem to be getting this error for a lot of users since installing this addon. I did import my forums from an old phpbb3 board. XenForo_Exception: Cannot generate authentication for this type. - library/XenForo/Authentication/PhpBb3.php:33

@Liam W

 

[Joeychgo]

Seems to me -- there is a good list of passwords to blacklist right here:

https://www.leakedsource.com/blog/verticalscope

Many of them, like 18atcskd2w, would likely be from repeat spammers.

 

[king8084]

@Liam W can this be done to certain groups only? i wanna apply this mod to mods/admins only

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Bug Fixes & Improvements

This version fixes 2 possible server errors regarding a lack of username at registration and if a previous password used an old (imported) password mechanism.

Phrases were also improved to be more explanatory (no more 'Your password must contain between 2 and 0 special characters' messages).

Read the rest of this update entry...

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Password Change Redirect

This update now redirects people to their intended destination after they have changed their password when forced to do so.

Read the rest of this update entry...

 

[Liam W]

Liam W updated Password Requirements with a new update entry:

Feature Update & Bug Fix

Feature Update

New option to force reset a user or all users' passwords.

Force reset is different to force change in that a reset will log the user out and require them to manually request a password reset email to change their password before they can log back in.

There is an option to automatically send the reset email when the password is reset.

Bug Fix

This also fixes a possible bug that may have stopped people registering if doing so via an...

Read the rest of this update entry...

 

[Liam W]

This resource has been removed and is no longer available for download.