Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons

Reply
 
Thread Tools
Password Strength Check Details »»
Password Strength Check
Version: 0.9.0, by kh99 kh99 is offline
Developer Last Online: Sep 2020 Show Printable Version Email this Page

Category: Miscellaneous Hacks - Version: 3.8.x Rating:
Released: 10-13-2013 Last Update: 10-13-2013 Installs: 34
Uses Plugins Auto-Templates
Re-useable Code Additional Files Translations Is in Beta Stage  
No support by the author.

What is it?
----------------------------
This mod adds a check for password strength at registration and when a user changes their password. You can specify the minimum length and number of upper case, digits, and other characters you want to require (see screen grab 3), or you can choose a minimum score to allow (based on length and types of characters included, see screen grab 4).

Installation:
----------------------------
1) Upload the files in the upload directory to the appropriate locations.

2) In the Product Manager in AdminCP, import the product XML file (product-kh99_passwords.xml).

3) In the admincp, go to "[kh99] Password Policy Options" and select the options you want.

Uninstalling:
----------------------------
1) Uninstall the product from the Product Manager in the AdminCP.

2) Remove the uploaded files.

Notes:
----------------------------
1) Tested on vb3.8.8. I also test a bit on vb3.8.2 (mostly for php version compatibility) and it seems to work.

History:
----------------------------
0.9.0 (October 14, 2013) - Initial Release

Download Now

File Type: zip kh99_passwords_0.9.0.zip (435.0 KB, 392 views)

Screenshots

File Type: png sg1.png (257.1 KB, 0 views)
File Type: png sg3.png (58.1 KB, 0 views)
File Type: png sg4.png (57.5 KB, 0 views)
File Type: png sg2.png (67.1 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
5 благодарности(ей) от:
A.Chakery, kotkerk, Martell, TAIFUN_T, xorex

Comments
  #22  
Old 10-30-2015, 08:32 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Alfa1 View Post
Its not showing up on /profile.php?do=editpassword
What do I need to add to the template?

ReCaptcha is no longer showing up on registration now that this is added.
Hmm...I'm not sure what's going on there. If it's affecting the recaptcha, then it might be a javascript problem. You could check the browser error console to see. Unfortunately I don't have time right now to support these mods.
Reply With Quote
  #23  
Old 11-01-2015, 11:47 AM
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Location: Netherlands
Posts: 3,537
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I understand. Thanks for making this addon.
However, vbulletin is getting too outdated and insecure for me. I am seeing hack attacks left and right and my big board has recently seen a massive attack using IPv6 vulnerability. I need to get off vbulletin ASAP.
Reply With Quote
  #24  
Old 11-01-2015, 11:51 AM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

IPv6 vulnerability? Are we talking about DDoS attacks here?
vBulletin can't be blamed for DDoS attacks or a IPv6 vulnerability, unless it actually abuses a vBulletin vulnerability.
Reply With Quote
  #25  
Old 11-01-2015, 04:33 PM
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Location: Netherlands
Posts: 3,537
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

See here: https://theadminzone.com/threads/vbu...counts.136907/
Reply With Quote
  #26  
Old 11-01-2015, 05:06 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Alfa1 View Post
I didn't read that entire thread because I have no interest in the bickering. I also don't know a lot about ipv6, but it seems to me if I were running vbulletin on a server that was reachable via ipv6, I'd configure the web server to listen only to the ipv4 address, then remove any ipv6 DNS records from my domain name. It seems like that would avoid the issue until ipv4 doesn't work any more. But maybe there's some reason I don't understand for not doing that.
Reply With Quote
  #27  
Old 05-27-2016, 01:55 PM
VIP Hawaii VIP Hawaii is offline
 
Join Date: Aug 2008
Location: Maine
Posts: 17
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't know what happened, but, early on in my installation of VBulletin and various products, I installed your Password Strength Check mod .... after some 6 months of work, all of a sudden the 180 day password expiration message popped up ... I went, 'ugh', and figured OK I'll just change the password, or if I don't want this message popping up, I'll just disable the product so I can log in again ...

Since at that moment I still had a current cookie-supported AdminCP login, I tried a few things : Apparently just disabling the product from within its own AdminCP controls did not work, so I tried disabling it from Products Manager ... that didn't work either so I tried to uninstall the product from Products Manager, then removing all the files that were installed ... : that didn't work either!

I finally thought, OK, so somehow this product had 'seen' that my password was 180 days old so it set something into some database file making it so I had to change my password ... so I'll try setting Windows back 14 days so I can fool this product into thinking it's not 180 days yet, then log into the AdminCP, uninstall this product, then change the clock back, and log in again (I also rebooted the computer etc. before trying to log in again) ... even after uninstall and removal of all the product files, as you direct to do in your UNINSTALL instructions, I still cannot log in, getting that "your password is 18x days old" message ... when I click on the link to reset the password, the link will say it's sent my password, but for whatever reason the built-in email function in Vbulletin isn't working ... I even set up HMail server but that doesn't seem to be sending me the mail either... cannot log into the site let alone the AdminCP so without setting the clock back again and trying another login I will not be able to ever get back into the AdminCP ... HOW DO I ***REALLY*** UNINSTALL THIS PRODUCT? If it causes this kind of damage potentially, it should be QUARANTINED ...

I should also mention that I have tried disabling all hooks in /includes/config.php and also had "undeletable users" set for my Administrator account (how then can it have changed my 'old' password then? I thought that config.php rules 'RULED' over all other settings!!!))) ... whenever I would try to paste in my 'old' password (which is definitely correct!) to change the password, I'd get a message saying I had not typed my *current* password in correctly! I have also tried removing all related cookies, restarting Firefox, again, no go. Tried of course, restoring older versions of the database (after installation of this mod but before the 180 days had passed), resetting the clock backwards, then forwards, still no go. Tried logging in using tools.php ... this seemed to work once, then would not work again ... still can't get in. I finally tried resetting the clock to present time, then tried tools.php Admin restore, then tried going to the password modification page this mod presents ... I removed whatever was in the 'old password' field, put in my newer password after having changed it in AdminCP at some point ... no go. Tried putting in the OLD password, and for some reason (still unknown to me), I was able to change the password ... then tried logging out, then in again as Administrator and was able to log into AdminCP ... right at the moment things look pretty normal again ... but : (soap opera music plays) 1. Will I be able to uninstall this thing successfully? 2. Will I get locked out again in about 6 months? 3. Will I be able to get back in again? 4. Will this happen to my other users? 5. Will this mod ever be fixed and updated?

Hey, I can understand if someone does not have the time to support a mod they have created, but when that mod has the capability of LOCKING OUT THE ADMIN, that no-support policy should be changed for that mod, at least until it's fixed.

VIP
Reply With Quote
  #28  
Old 05-28-2016, 01:26 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

First, I'm sorry that you're having problems. The fact is that while I won't rule out ever making ny changes or releasing fixes, at this point you'd have to consider all my mods as unsupported. And you're right, if one of them has an issue it should be quarantined, although I think that may only done for security issues and not for bugs.

That said, if I understand you correctly you seem to believe that the "Your password is 180 days old" screen is displayed by my mod, but it's not, that's a feature of vbulletin. It can be turned off by a setting somewhere I believe, but I have no way of finding which one right now. Maybe I'mm not understanding what you're saying, because I don't really understand why you didn't just change your password.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:07 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04864 seconds
  • Memory Usage 2,315KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (8)post_thanks_box
  • (5)post_thanks_box_bit
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (8)post_thanks_postbit_info
  • (7)postbit
  • (5)postbit_attachment
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete