innoweb/silverstripe-common-password-validation

Adds additional validation steps to PasswordValidator to check for commonly used passwords, the member's name and repeated characters

2.0.0 2023-03-16 06:02 UTC

This package is auto-updated.

Last update: 2024-10-16 09:38:35 UTC


README

Version License

Overview

Adds additional validation steps to PasswordValidator to check for commonly used passwords, the member's name and repeated characters.

Requirements

  • Silverstripe Framework ^5

Note: this version is compatible with SilverStripe 5. For SilverStripe 4, please see the 1 release line.

Installation

Install the module using composer:

composer require innoweb/silverstripe-common-password-validation dev-master

Then run dev/build.

Configuration

You can configure what tests should be performed. All three tests are enabled by default.

SilverStripe\Security\PasswordValidator:
  check_repetitions: false
  check_member_name: false
  check_common_passwords: false

You can edit the list of common passwords used.

SilverStripe\Security\PasswordValidator:
  common_passwords:
    - 'something'

The module currently uses a list of passwords collected from Nord Pass and Daniel Miesler.

License

BSD 3-Clause License, see License