kanellov / password-strength-validator
A validator for checking password strength.cocom
Installs: 19 743
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 3
Forks: 2
Open Issues: 0
Requires
- php: ^5.3 || ^7.0
Requires (Dev)
Suggests
- zendframework/zend-validator: Needed to support PasswordStrength Zend Validator
This package is not auto-updated.
Last update: 2025-01-19 05:11:16 UTC
README
Validates if a password is strong enough by checking if it contains digits, symbols and letters in different casing.
Installation
Install with composer:
$ composer require kanellov/password-strength-validator
Description
This package provides a validator for checking password strength. It can be customized to check for the following:
- Password contains at least one digit character
- Password contains at least one uppercase character
- Password contains at least one lowercase character
- Password contains at least one symbol character
- Password contains at least either one digit or symbol character
Also, when validating for symbols, you can exclude some of them from the validation (See [Excluding symbol characters](#Excluding symbol characters)).
Usage
Function
require 'vendor/autoload.php'; // force password to contain at least one digit and one uppercase char $flags = KNLV_PWD_CONTAIN_DGT | KNLV_PWD_CONTAIN_UC; $password = "somePasswordNotContainingDigits"; $code = 0; $message = ''; $is_valid = true; try { \Knlv\password_strength($password, $flags); } catch(\ErrorException $e) { $is_valid = false; $code = $e->getCode(); $message = $e->getMessage(); } var_dump($is_valid, $code, $message); /* --- RESULTS --- * bool(false) * int(1) * string(50) "Password must contain at least one digit character" */
Zend Validator
In order to use this library as Zend Validator use must install zendframework/zend-validator
package.
$ composer require zendframework/zend-validator
require 'vendor/autoload.php'; use \Knlv\Validator\PasswordStrength; $password = "somePasswordNotContainingDigits"; $validator = new PasswordStrength(array('flags' => KNLV_PWD_CONTAIN_DGT | KNLV_PWD_CONTAIN_UC)); $is_valid = $validator->isValid($password); $messages = $validator->getMessages(); var_dump($is_valid, $messages); /* --- RESULTS --- * bool(false) * array(1) { * [1]=> * string(50) "Password must contain at least one digit character" * } */
Excluding symbol characters
When \Knlv\password_strength
function is called with KNLV_PWD_CONTAIN_SYM
or KNLV_PWD_CONTAIN_DGT_OR_SYM
flags it checks if password contains at least one of the !"#$&'()*+,-./:;<=>?@[\\]^_`{|}~
symbol characters.
If don't want your password to contain some of these symbols, you can exclude them from the check by passing an extra argument
with the symbols you want to exclude. For example, the following shows how to exclude the @
and !
symbols from validation:
require 'vendor/autoload.php'; // force password to contain at least one symbol char $flags = KNLV_PWD_CONTAIN_SYM; $password = "p@ssword!"; $exclude = "@!"; // exclude @ and ! symbols $code = 0; $message = ''; $is_valid = true; try { \Knlv\password_strength($password, $flags, $exclude); } catch(\ErrorException $e) { $is_valid = false; $code = $e->getCode(); $message = $e->getMessage(); } var_dump($is_valid, $code, $message); /* --- RESULTS --- * bool(false) * int(8) * string(51) "Password must contain at least one symbol character" */ // Using validator $password = "p@ssword!"; $validator = new \Knlv\Validator\PasswordStrength(array( 'flags' => KNLV_PWD_CONTAIN_SYM, 'excludedSymbols' => '@!', )); $is_valid = $validator->isValid($password); $messages = $validator->getMessages(); var_dump($is_valid, $messages); /* --- RESULTS --- * bool(false) * array(1) { * [8]=> * string(51) "Password must contain at least one symbol character" * } */
License
The GNU GENERAL PUBLIC LICENSE Version 3. Please see License File for more information.