Version: 1.0.2, by Eric
Developer Last Online: Jun 2023
Category: Miscellaneous Hacks -
Version: 4.x.x
Rating:
Released: 05-30-2011
Last Update: 07-04-2011
Installs: 56
Uses Plugins Auto-Templates
Re-useable Code Translations
No support by the author.
What is this?
This mod will allow you to force user passwords to be at least a certain length.
Features
Force minimum length on:
Registration
Edit Password
Reset Password
I've only tested this mod on vB 4.1.4/4.1.5 (alpha). It should work with previous versions, however I am not sure. If it works for you on an older version, let me know.
Installation
1. Download the `product-password_minlength.xml` file. (* may differ in name based on version)
2. Enter your AdminCP and go to Plugins & Products > Manage Products > [Add/Import Product]
3. Import the product using the `product-password_minlength.xml` file. (* may differ in name based on version)
4. Configure the mod in AdminCP -> Settings -> Options -> User Registration Options
Upgrading
In many cases, all you'll need to do to upgrade is follow the installation instructions above, but set "Allow Overwrite" to "Yes".
Changelog Version 1.0.2, 07/05/2011
Changed the "Check Method" choice from a drop down to radio buttons (Boofo )
Changed how the "UserId" "Check Method" works - it now is used for escluding User ID's
Fixed a bug in the plugin for updating profile - was not checking if a new password had been entered.
Version 1.0.1, 06/07/2011
Introduced three new options and one new plugin.
The new options are based around a "Check Method". You can choose to enforce the min. password length by userid, usergroup, or 'none' (all).
nice idea with this mod indeed but when you have vbsecurity i feel there is no need for this i have joined a lot forums some i joined just to give a look arorund cause the forums have been closed to guests if they had this mod in place i sure wouldnt ....
now if you could implement how strong a p/w was i wouldnt mind that but password length is no biggie to me and i am with bop on that
Would be great if it checked the strength of the password. So you can set it to 50% strong.
The problem is that you need code to compute the bit strength of the password. i.e. a password A-Z, a-z, 0-9 of 44 characters would have a bit strength around 256-bit cipher strength password.
Would be amazing to have a way to also force users to include upper case letters / numbers / special characters in addition to a minimum password length.
I saw that this guy is building on this mod and trying to implement it, but it seems a big buggy still and i am reluctant to install it until it is more secure.
I installed it and applied the min password length checking and could still login with a test user in a test usergroup that only had a 3 digit password.
:-(
I have it working on 4.2.3 and before was working on 4.2.2