Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons

Reply
 
Thread Tools
Password Security Details »»
Password Security
Version: 1.0.2, by Andreas Andreas is offline
Developer Last Online: Jan 2023 Show Printable Version Email this Page

Version: 3.5.3 Rating:
Released: 09-14-2005 Last Update: 01-26-2006 Installs: 56
DB Changes Uses Plugins Template Edits
Is in Beta Stage  
No support by the author.

Password Security

Description
This Hack allows you to enforce your members to use safe(r) Passwords:
  • You can define a mimimum length
  • You can define the how many character classes a Password must use
  • Does not allow using Username or eMail-Address as Password
  • Dictionary Check to prevent common passwords
    (Not yet fully implemented; Table wordlist must be filled manually, but check is present)

Details
1 Product XML (2 Plugins, 14 Phrases, 2 Settings)
2 Template Edits

History
1.0.0
Initial Version

1.0.1
Fixed problem with multiple Datamanager

1.0.2
Changed code to ignore automatically created weak passwords

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #32  
Old 01-10-2007, 09:33 AM
Hornstar Hornstar is offline
 
Join Date: Jun 2005
Location: Australia
Posts: 2,469
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I would like this for just my mods smods and admins is there anyway to set this for just them and not anyone else?

also is this working for vb 3.6.4?

and has anyone got the word list yet?

Thanks.
Reply With Quote
  #33  
Old 02-22-2007, 06:49 AM
Doc Great's Avatar
Doc Great Doc Great is offline
 
Join Date: Jan 2005
Location: Stuttgart
Posts: 73
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's working for vb 3.6.4

If there's any interest in a TMS-Product, please send me a pm :-)
Reply With Quote
  #34  
Old 02-26-2007, 07:59 PM
dsewebteam dsewebteam is offline
 
Join Date: Aug 2006
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.

I have had to turn it off due to too many people contacting me to change their password.
Reply With Quote
  #35  
Old 03-02-2007, 12:36 PM
lazytown lazytown is offline
 
Join Date: Feb 2004
Posts: 503
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by dsewebteam View Post
Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.

I have had to turn it off due to too many people contacting me to change their password.
So is the mod essentially broken with 3.6.4? I really need this and can't believe VB allows such weak passwords. I need to get all my users to change their passwords (expiry) and then want this mod to force them to make decent ones. Will that not work with this mod?

-vissa
Reply With Quote
  #36  
Old 03-02-2007, 11:29 PM
lazytown lazytown is offline
 
Join Date: Feb 2004
Posts: 503
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by dsewebteam View Post
Hey Andreas,
I am now having a problem with this in 3.6.4.
Initially I set the password to expire in 90 days for all users .
Now 90 days have passed and the password is expired the user cannot change it, they have to contact me to change it for them via admincp.
I have checked this myself and it looks like it locks the user out once the password is expired.
What this needs is to send a password expiry email before the password expires.

I have had to turn it off due to too many people contacting me to change their password.
Can you detail exactly what happens se we can try to fix this? I want this working on 3.6.4 / 3.6.5 properly. So a user has to change their password. What exactly happens next? Does it work fine if you DON'T use password expiry or is there a problem any time a member tries to change their password?

Thank you
-vissa
Reply With Quote
  #37  
Old 03-12-2007, 12:21 AM
lazytown lazytown is offline
 
Join Date: Feb 2004
Posts: 503
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well I finally broke down and installed this on 3.6.5. Seems to work fine. I've tested registrations and users resetting their passwords. Those seem to work well as is. I will be testing "password expiry" shortly and report back.

-vissa
Reply With Quote
  #38  
Old 11-21-2007, 08:32 AM
stamos2003 stamos2003 is offline
 
Join Date: Nov 2003
Location: Berlin
Posts: 107
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

installed on 3.6.8 and works fine
though, it would be nice to port this hack to 3.6.8 and especially ad the password check also to the "change password" site at the forum, not only for new signups
Reply With Quote
  #39  
Old 11-28-2007, 03:00 PM
harkonen70 harkonen70 is offline
 
Join Date: Jan 2007
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by stamos2003 View Post
installed on 3.6.8 and works fine
though, it would be nice to port this hack to 3.6.8 and especially ad the password check also to the "change password" site at the forum, not only for new signups
I concur .. or make something like this a feature of vb as a whole.
Reply With Quote
  #40  
Old 05-09-2008, 12:17 AM
mackers8923 mackers8923 is offline
 
Join Date: Dec 2002
Location: Belfast, N Ireland
Posts: 71
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

On 3.7, if a user edit their password (that is shorter than specified) gets an error - "Your password is too short..." then returns to the User CP.

In actual fact the password does change - if you try to re-change it you get an error saying "Password entered doesnt match your current one..." If you try the "too short" password it works...

Any ideas?
Reply With Quote
  #41  
Old 08-11-2008, 06:28 PM
Joe Siegler's Avatar
Joe Siegler Joe Siegler is offline
 
Join Date: Feb 2006
Posts: 71
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This appears to not completely work with current code.

I really could use the "stop users from having same password as their username" as I was just compromised this morning.

From reading, I get the impression this doesn't work right with 3.72. Am I correct, or am I not right, and it does work? I really could use this mod like NOW, since I'm now a known target for this kind of behaviour.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 09:49 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.13832 seconds
  • Memory Usage 2,302KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete