Its pretty basic atm, but it works

Basically what this does is force a set of requirements on users passwords. It checks to see that there are both numeric and alphanumeric characters in their password and that it is at least a certain amount of total characters (currently hardcoded to be 8)

Like I said, this is very basic atm... when I have time I plan to make it a little better hehe.

Things to do:

control options thru admin cp
make everything configurable (min length, # of numeric, and # of alphanumeric chars, etc..)
warn admins about password not meeting complexity requirements when updating user passwords in admin cp


Any suggestions or help with this are more then welcome.

Download instructions here:

(a) Your text file is missing line breaks... at least that's how it shows up on my system.

(b) I never really liked sites that forced you to use numbers in passwords. My passwords are usually basic (yet you have no way of guessing them), unless it's for admin stuff or important sites (in that case my password is about 12 chars long).

Great hack nonetheless. :)

Now what would be truly sexy, would be something reminiscant to when you setup a PGP key, when it checks your passwords to see if they are liable for hax0ring or not. Then it does it all in real time :D That would be very nice, but I don't know how doable it is (without something like java) nevermind, I'm rambling. Sorry.

thanks :)

it did have breaks.. just not dos breaks hehe. should be fixed now.

aim of this hack is to stop the passwords like 'qwerty' or '12345' that kind of thing. and im sure there are boards out there for important sites where it does matter :)

Yeah I can understand that, achilles. Although something like this that only checks power users (i.e mods and admins) would be great. So regular users can use "bla" if they want, but mods and admins must use a more complex password.

Mine is 15 characters and one of them is the letter ? :)