From MediaWiki.org
Jump to navigation Jump to search
MediaWiki extensions manual
OOjs UI icon advanced.svg
Release status: beta
Implementation User identity
Description Enforces a strong password.
Author(s) Ger Apeldoorn
Latest version 0.2 (2007-03-07)
License No license specified
Download see below
Hooks used
Translate the EnforceStrongPassword extension if it is available at translatewiki.net
Check usage and version matrix.

What can this extension do?[edit]

This extension lets you set additional requirements for passwords. (1 number, 1 capital, 1 'normal' letter etc.)


Note that all passwords are checked, also the ones your users will use to login. If you have users in place that already have a password set that does NOT meet the requirements, they will be unable to login. You might want to change the MediaWiki:Passwordtooshort message to reflect the additional password requirements.


Changes to LocalSettings.php[edit]

Add this:

$wgMinimalPasswordLength = 6; 
$wgHooks['isValidPassword'] [] = 'isStrongPassword';


Save this in: extensions/StrongPassword.php


$wgExtensionCredits['other'][] = array(
        'name' => 'EnforceStrongPassword',
        'version' => '0.2',
        'author' => 'Ger Apeldoorn',
        'url' => 'http://www.mediawiki.org/wiki/Extension:EnforceStrongPassword',
        'description' => 'Enforces a strong password.',

function isStrongPassword($password, &$return, $user) {

  //Remember to set this variable in LocalSettings.php
  global $wgMinimalPasswordLength;
    ctype_alnum($password) // numbers & digits only
    && strlen($password)>=$wgMinimalPasswordLength // at least xx chars
    && strlen($password)<17 // at most 16 chars
    && preg_match('`[A-Z]`',$password) // at least one upper case
    && preg_match('`[a-z]`',$password) // at least one lower case
    && preg_match('`[0-9]`',$password) // at least one digit
    // valid
    $return = true;
   } else {
    // not valid
    $return = false;

   // This hook REPLACES the original code.
  return false;