Name: Force Password Complexity - Version: 2.5-3 / 3.1.0 - Type: Plugin - License: GPLv3
Description: The plugin checks entered passwords and rejects weak passwords
Developed by: Kubik-Rubik - Viktor Vogel
Overview of all downloads of the extension: FPC - Force Password Complexity Downloads
If you use FPC - Force Password Complexity, please post a rating and a review at the Joomla! Extensions Directory.
Strong passwords are enforced based on individual rules with this plugin
Plugin: FPC - Force Password Complexity
Function: Increase of the overall security of the system by good, strong passwords.
Languages: English and German
Joomla! versions: 2.5 / 3.x
The system plugin checks the user passwords using defined security patterns and rejects weak passwords. In this way FPC ensures stronger security of the whole system. The execution of the plugin and the checks of the passwords can be set completely customized to ensure an own standard of security. There is also an option to allow weak passwords for certain user groups, but to inform them by a warning about the weak password. This option should only be used for non-critical user groups.
- Force secure, good passwords with individual rules
- Set precise execution rules:
- Execution in front- and / or backend
- Restrict to specific user groups
- Restriction with warning notice for unselected groups possible
- Check the type of users - only new, existing or all users
- Individual checks for secure passwords:
- Minimum length of passwords
- Minimum size of the entropy of passwords
- Forbid parts of the name and the e-mail address
- Maximum number same and same consecutive characters
- Force character types: uppercase / lowercase letters, numbers and special characters
- Plugin is small and fast, doesn't need a big framework
- Fast, clean code
- Languages: English and German
Install the plugin in the backend. Configure and activate it in Extensions -> Plugins -> System - Force Password Complexity - FPC.
The settings of FPC are divided into two parts: Execution and Checks.
Under Execution you may change the settings, how and where the plugin is executed. The application can be restricted to the front- and / or backend, on specific user groups and the status of the user. Additionally you may show a warning, to not specified users, that the entered password has been saved but it has been evaluated by the system to be insecure.
Under Checks you may define individual check patterns to guarantee secure passwords. You may define a minimum length and entropy of the password. Entropy is a measure of the uncertainty in a random variable. The higher the number, the better (more complex) the password. You have the ability to forbid parts of the name or the email address upon creation of the password. The options to restrict the maximum number of equivalent or consecutive characters avoid very weak passwords with few or repeating characters. Another important option is the ability to define which characters must be integrated at least once into the password. Here you have the options for upper- and lowercase letters, numbers and special characters (multiple selection is possible and recommended).
I wish you success in securing your site! Please support my work and the free availability of the extension with the purchase of a donation code if it brings an added value to your site.
+ = Added - ! = Removed - ^ = Changed - # = Fixed
Version 3.1.0 - 2015-08-01
- + Donation Code Validation Process - Improved the validation process with a new server (HTTPS request) plus an independent, separated fallback server (HTTP request).
Version 3-2 - 2015-02-05
- + Update Server - Added the Joomla! core functionality for the update checks
- ^ Updated Donation Code field - Uses the HTTP API for the requests and calls the check script via HTTPS
- ^ Links in the language files - Updated outdated links to the JED (Joomla! Extensions Directory)
- ! Removed Version Check field
Version 3-1 - 2013-12-15
- First release for Joomla! 3.x.
- This release is tested only with Joomla! 3.2 - do not use it in a lower Joomla! version. Do not report any problems with other Joomla! versions. Only the mentioned version is supported officially!
Version 2.5-2 - 2013-05-21
- ^ Output of option "Password must contain" - all needed character types are displayed in the error message, not only the missing one
Version 2.5-1 - 26-Feb-2013
+ First version for Joomla! 2.5