CHECKING FOR PASSWORD STRENGTH - Aug 3rd, 2013


Thanks to user Zick and Greg Thomas from Interactive Tools for the following Password Strength checking suggestions for
the Website Membership Plugin.

The code should be inserted after the NewPassword Checking code. You can change the password length to any number of
characters that you feel is appropriate.

For uniformity, you might also want to change the initial password generated in the “generate password” section of
the user-signup.php form to that number of characters matches. (See the recipe called CHANGING PASSWORD LENGTH)



if (strlen($_REQUEST['newPassword1']) < 11 ) { $errorsAndAlerts .=
"Please enter 12 or more characters for your New Password\n"; }
if (!preg_match("#[a-z]+#", $_REQUEST['newPassword1']) ) { $errorsAndAlerts .=
"Password must include at least one letter!\n"; }
if (!preg_match("#[A-Z]+#", $_REQUEST['newPassword1']) ) { $errorsAndAlerts .=
"Password must include at least one CAPS!\n"; }
if (!preg_match("#\W+#", $_REQUEST['newPassword1']) ) { $errorsAndAlerts .=
"Password must include at least one symbol!\n"; }
$errorsAndAlerts .= getNewPasswordErrors(@$_REQUEST['newPassword1']); // only works in Version 2.52+)
_


According to Greg, the getNewPasswordErrors function added in Version 2.52, and implemented in Version 1.10 of the
Membership Plugin, will return a string of errors, including checking if the password starts with spaces, and if the
password is in the 1000 most popular passwords. If there are no errors it will return an empty string.

If you’re using a prior version just comment out (or remove) the getNewPasswordErrors code.

HINT: Check the file /lib/login_password_blacklist.txt

If you've got some passwords that you think should be included, just add them to the file and they won't be accepted.



The materials on this web site have been created for use with CMS Builder content management software. CMS Builder software is published and licensed for use by InteractiveTools.com. Please contact Interactive Tools for information on the downloading of the software or the purchasing of licenses.


Terms of Service