Jump to content
  • 0

Password limitations and strength policy

Joel006

Asked by Joel006,

 Share

Question

Joel006 Junior Member

Joel006

Posted
Posted

I want to purchase this script, the problem is my server host requires a password of a minimum ten numbers, think it may even be 8 numbers and some letters. Can I make it automatically generate these passwords or restric registration without having made such a strong password? If I can't that means I have to manually change everyones password, which I don't want to do.

0
Link to comment
Share on other sites

3 answers to this question

Recommended Posts

  • 0
Alistair Senior Member

Alistair

Posted
Posted

WHMCS includes a password strength option which you as the administrator can set to the strongest level. This will prevent registration using weak passwords.

 

However, I do not know what the "strongest" WHMCS password setting allows for in terms of how many letters and numbers. I think it just needs to be a combination of letters, numbers and characters.

0
Link to comment
Share on other sites
  • 0
Joel006 Junior Member

Joel006

Posted
  • Author
Posted
WHMCS includes a password strength option which you as the administrator can set to the strongest level. This will prevent registration using weak passwords.

 

However, I do not know what the "strongest" WHMCS password setting allows for in terms of how many letters and numbers. I think it just needs to be a combination of letters, numbers and characters.

 

Can it be set to minimum ten characters numbers or letters, asking as it has 10?

0
Link to comment
Share on other sites
  • 0
robb3369 Senior Member

robb3369

Posted
Posted

You will need to modify the getPasswordStrength function in the pwstrength.js file. Change the methodology on how the number of numbers are calculated...Here is my custom one...

 

function getPasswordStrength(pw){
score = 0;
// check password length
score += pw.length * 4;
// check for 1-4 repeating chars
score += ( checkRep(1,pw).length - pw.length ) * 1;
score += ( checkRep(2,pw).length - pw.length ) * 1;
score += ( checkRep(3,pw).length - pw.length ) * 1;
score += ( checkRep(4,pw).length - pw.length ) * 1;
// check for 3+ numbers
if (pw.match(/(.*[0-9].*[0-9].*[0-9])/)) score += 5;
// check for 2+ symbols
if (pw.match(/(.*[!,@,#,$,%,^,&,*,?,_,~].*[!,@,#,$,%,^,&,*,?,_,~])/)) score += 5;
// check for both upper and lower chars
if (pw.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/)) score += 10;
// check for both char and number
if (pw.match(/([a-zA-Z])/) && pw.match(/([0-9])/)) score += 10;
// check for both symbol and number
if (pw.match(/([!,@,#,$,%,^,&,*,?,_,~])/) && pw.match(/([0-9])/)) score += 10;
// check for both symbol and char
if (pw.match(/([!,@,#,$,%,^,&,*,?,_,~])/) && pw.match(/([a-zA-Z])/)) score += 10;
// check for only numbers or chars
if (pw.match(/^\w+$/) || pw.match(/^\d+$/) ) score -= 10;
// set limits between 0 and 100
if (score < 0) return 0;
if (score > 100) return 100;
return (score);
}

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept