Password Policy alternatives and similar libraries
Based on the "Passwords" category.
Alternatively, view Password Policy alternatives based on common mentions on social networks and blogs.
-
Password Compat
Compatibility with the password_* functions that ship with PHP 5.5 -
Zxcvbn PHP
Realistic PHP password strength estimate library based on Zxcvbn JS -
PHP Password Lib
A library for generating and validating passwords -
Password-Generator
PHP Library to generate random passwords -
Password Validator
Validates passwords against PHP's password_hash function using PASSWORD_DEFAULT. Will rehash when needed, and will upgrade legacy passwords with the Upgrade decorator. -
GenPhrase
GenPhrase is a secure passphrase generator for PHP applications. -
phpass
Python implementation of the portable PHP password hashing framework
Learn any GitHub repo in 59 seconds
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of Password Policy or a related project?
README
PasswordPolicy
A tool for checking and creating password policies in PHP and JS.
Installation
Use composer to setup an autoloader
php composer.phar install
Require the composer autoload file:
require_once 'vendor/autoload.php';
Usage:
To use, first instantiate the core policy object:
$policy = new \PasswordPolicy\Policy;
Then, add rules:
$policy->contains('lowercase', $policy->atLeast(2));
Supported rule helper methods are:
contains($class, $constraint = null, $description = '')
: Checks to see if a password contains a class of charsSupported Short-Cut classes:
letter
-a-zA-Z
lowercase
-a-z
uppercase
-A-Z
digit
-0-9
symbol
-^a-zA-Z0-9
(in other words, non-alpha-numeric)null
-\0
alnum
-a-zA-Z0-9
The second param is a constraint (optional)
length($constraint)
: Checks the length of the password matches a constraintendsWith($class, $description = '')
: Checks to see if the password ends with a character class.startsWith($class, $description = '')
: Checks to see if the password starts with a character class.notMatch($regex, $description)
: Checks if the password does not match a regex.match($regex, $description)
: Checks if the password matches the regex.
Supported Constraints:
The policy also has short-cut helpers for creating constraints:
atLeast($n)
: At least the param matchesEquivalent to
between($n, PHP_INT_MAX)
atMost($n)
: At most the param matchesEquivalent to
between(0, $n)
between($min, $max)
: Between $min and $max number of matchesnever()
: No matchesEquivalent to
between(0, 0)
Testing the policy
Once you setup the policy, you can then test it in PHP using the test($password)
method.
$result = $policy->test($password);
The result return is a stdclass object with two members, result and messages.
$result->result
- A boolean if the password is valid.$result->messages
- An array of messages
Each message is an object of two members:
$message->result
- A boolean indicating if the rule passed$message->message
- A textual description of the rule
Using JavaScript
Once you've built the policy, you can call toJavaScript()
to generate a JS anonymous function for injecting into JS code.
$js = $policy->toJavaScript();
echo "var policy = $js;";
Then, the policy object in JS is basically a wrapper for $policy->test($password)
, and behaves the same (same return values).
var result = policy(password);
if (!result.result) {
/* Process Messages To Display Failure To User */
}
One note for the JavaScript, any regular expressions that you write need to be deliminated by /
and be valid JS regexes (no PREG specific functionality is allowed).