How to enforce strong passwords upon registration

Last updated on by

Home Forums Legacy Support Support queries How-to & Troubleshooting How to enforce strong passwords upon registration

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • January 24, 2020 at 6:07 am #240440
    roath
    Spectator
    Hello, Please, how can I enforce the user to enter a strong password as a pre-requisite upon registration? Although the site shows that the password is "weak", it allows the user to complete the registration process. Is it possible without additional plugins? Thank you. Rgds Rodrigo
    January 25, 2020 at 2:14 pm #240594
    logan
    Member
    Hello, this is possible with third party plugins for example:
    1. https://wordpress.org/plugins/login-security-solution/
    2. https://wordpress.org/plugins/enforce-strong-password/
    3. https://wordpress.org/plugins/force-strong-passwords/
    also you can refer this: https://www.lehelmatyus.com/606/force-strong-password-buddypress-plugin
    February 12, 2020 at 4:17 am #242249
    roath
    Spectator
    Hi Logan, Thank you your answer. In order to avoid installing another plugin, I've implemented the code you suggested on the link and it worked perfectly, but only in the SIGNUP step! If you are already registered and try to redefine your password, the code doesn't prevent weak passwords anymore!! Do you know how add this restriction to password redefinitions? Thank you again. Rgds, Rodrigo
    February 13, 2020 at 12:59 pm #242454
    logan
    Member
    try this: function lehelmatyus_validation123() { global $bp; if ( !empty( $_POST['pass1'] ) ) if ( !valid_pass( $_POST['pass1'] ) ){ $bp->signup->errors['pass1'] = __( 'Your password is not strong enough. It needs to be at least 8 characters long, and must contain at least: 1 lowercase character (a-z), 1 uppercase character (A-Z), 1 number (0-9) and 1 special character (!@#..)', 'buddypress' ); } } add_action( 'bp_core_general_settings_after_submit', 'lehelmatyus_validation123');   function valid_pass($candidate) { $r1='/[A-Z]/';  //Uppercase $r2='/[a-z]/';  //lowercase $r3='/[!@#$%^&*()-_=+{};:,<.>]/';  // whatever you mean by special char $r4='/[0-9]/';  //numbers   if(preg_match_all($r1,$candidate, $o)<1) return FALSE; if(preg_match_all($r2,$candidate, $o)<1) return FALSE; if(preg_match_all($r3,$candidate, $o)<1) return FALSE; if(preg_match_all($r4,$candidate, $o)<1) return FALSE; if(strlen($candidate)<8) return FALSE;   return TRUE; } but it is not tested. it may not work. you should use third party plugin thats best way to achieve this.
  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • The topic ‘How to enforce strong passwords upon registration’ is closed to new replies.