This Pluggable Authentication Service (PAS) plugin adds a password policy giving the possibility to define up to 5 regular expressions to validate a password. Default constrains are length, capital and lower letters, number and special characters.
This plugin works with Plone to allow an administrator to create
a password policy for their site. Once installed it provides a
Pluggable Authentication Service (PAS) plugin where you can create
as many regular expressions rules which will each be applied against
passwords during user registration. For example these rules can
ensure a passwords strength such as minimum length and required
letters or special characters.
In Plone 4.3 and above this plugin works directly with Plones inbuilt
password policy api. In Plone 4.2 and below this plugin contains a patch
to plone to use PAS validation.
This package is tested using Travis CI on Plone 4.1, 4.2, 4.3
The current status is :
.. image:: https://travis-ci.org/collective/Products.PasswordStrength.png
- PlonePAS and its dependencies
- Plone 4.1, 4.2 or 4.3
- better: Products.PasswordResetTool >= 2.0.18 (clearer password reset mail)
- better: plone.app.locales >= 4.3.5 (clearer translations in password reset mail)
1. Install Products.PasswordStrength using buildout like any other Plone plugin.
2. Once activated within your site you select ZMI > acl_users > password_strength_plugin
3. Click on the properties tab and edit the validation rules. The rule error text will be used for both
the password field hint to tell the user what kind of password they can pick, and also if they fail
to enter a password that matches that rule.
That's it! Test it out.
A PAS plugin for Validation checks the password against each regular
expression listed in the properties. Any rules that fail result in
the associated error messages being returned.
Plone doesn't use PAS to validate passwords, so included is a patch to
which makes plone use PAS validation plugins.
1. Patch or modify login_password.cpt to display directly the password constraints
(<div class="formHelp" i18n:translate="" tal:define="constrains python:context.portal_registration.testPasswordValidity('');">
Enter your new password. <span i18n:name="errors" tal:replace="constrains"/></div>)
2. Do password expiration
- Source Code: https://github.com/collective/Products.PasswordStrength/
- Issue Tracker: https://github.com/collective/Products.PasswordStrength/issues
License BSD-ish, see LICENSE.txt
Original Author: Dylan Jay <email@example.com>. Sponsored by PretaGov.com
Thanks to Daniel Nouri and BlueDynamics for their
NoDuplicateLogin which served as the base for this.
Thanks to the following for improvements to this plugin:
- Updated Spanish translation.
- Removed old code and templates
- Added buildout and robot tests for Plone 4.1, 4.2, 4.3
- Dont't skip password validation for manager
- Skip password validation for generated password
- Added i18n and french translation.
- Added travis configuration
- Added pwreset_form and test
- Updated README file. [macagua]
- Added QA and testing buildout configuration. [macagua]
- Added more strings classifiers items for this packages. [macagua]
- Added Spanish translation. [macagua]
- Added i18n support. [macagua]
- Bugfix for use inside change-password
- Don't validate password strength of old password
- Added a monkey-patch for the zope.schema Password field to validate
the password. This is necessary for the Plone 4 @@new-user form to
work well. [regebro]
0.2 - Packaged as egg. Plone 3.1 compatible
0.1 - Initial version. Plone 2.5 compatible