craftpulse / craft-password-policy
Password Policy plugin
Installs: 8 964
Dependents: 0
Suggesters: 0
Security: 0
Stars: 28
Watchers: 3
Forks: 11
Open Issues: 1
Type:craft-plugin
Requires
- php: ^8.2.0
- craftcms/cms: ^5.0.0
- nesbot/carbon: ^2.0.0
- nystudio107/craft-plugin-vite: ^5.0.0
Requires (Dev)
- craftcms/ecs: dev-main
- craftcms/phpstan: dev-main
- vlucas/phpdotenv: ^5.4.0
- yiisoft/yii2-redis: ^2.0
- v5.x-dev
- 5.0.3
- 5.0.2.1
- 5.0.2
- 5.0.1
- 5.0.0
- 5.0.0-beta1
- v4.x-dev
- 4.1.0
- 4.0.0
- 4.0.0-RC1
- 4.0.0-beta.1
- 1.2.0
- 1.1.0
- 1.0.6
- 1.0.5
- 1.0.4
- 1.0.3
- 1.0.2
- 1.0.1
- 1.0.0
- dev-pro
- dev-develop-v5
- dev-v5-develop
- dev-dependabot/composer/guzzlehttp/psr7-2.5.0
- dev-renovate/configure
- dev-dependabot/composer/guzzlehttp/guzzle-7.5.0
- dev-v4-develop
- dev-release/4.0.0-RC1
- dev-master
This package is auto-updated.
Last update: 2025-01-11 20:50:46 UTC
README
The Password Policy plugin is a powerful tool for enforcing secure password policies within your Craft CMS 5 installation. It helps administrators define and manage password rules for users, enhancing security and compliance in multi-user environments.
Requirements
This plugin requires Craft CMS 5.0.0 or later.
Installation
To install Password Policy, follow these steps:
-
Open your terminal and go to your Craft project:
cd /path/to/project -
Then tell Composer to load the plugin:
composer require craftpulse/craft-password-policy -
Install the plugin via
./craft install/plugin password-policyvia the CLI, or in the Control Panel, go to Settings → Plugins and click the “Install” button for Password Policy.
You can also install Password Policy via the Plugin Store in the Craft Control Panel.
Password Policy works on Craft 5.x.
Configuration options
Minimum Password Length
Define the minimum number of characters a password must contain.
Default: 8
Complexity Requirements
The following requirements can be enabled in the plugin settings:
- At least one uppercase and lowercase letter
- At least one number
- At least one special character (e.g., !@#$%)
Password Strength Indicator
A password strength indicator can be enabled to aid your users into choosing a stronger password
Have I been pwned?
Enhance your security by ensuring users can not select any leaked password. This employs the k-Anonymity method to validate passwords against the Pwned Passwords API without compromising user privacy by revealing passwords to an external service.
Password Retention Features
Password Expiration Method
You can determine the period in days,weeks,months or years when a password should expire. If you want to make use of this functionality, you can find this under Utilities → Password Retention → Force Reset Passwords.
Or if you want to use this utility through the CLI for e.g. a cronjob you can use craft password-policy/retention/force-reset-passwords.
Brought to you by CraftPulse