Author Topic: weak password detection upon login - redirect to password plugin (Read 5234 times)

cusco · « **on:** August 28, 2013, 06:53:15 AM »

Hi,

I would like, somehow the ability to persuade users to change their password if does not meet 'strong password' requirements

- like in password plugin: if ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd)))

Ideally would pop-up a message stating password seems to be weak and user should consider changing it, and even forward to the password plugin page...

This would persuade users to change their passwords.

I guess a simple plugin hooked into login could do this, but i'm not great on roundcube plugins ...

any hints?

ABerglund · « **Reply #1 on:** August 28, 2013, 11:17:19 AM »

I am greatly interested in this as well. I have added a strength checker and display to the password plugin, but would love to have a test like this for passwords that pre-date the current password requirements.

SKaero · « **Reply #2 on:** August 28, 2013, 02:55:35 PM »

It wouldn't be to hard with the login_after hook. IF I get some time this weekend I'll see if I can throw together a example plugin.

cusco · « **Reply #3 on:** September 04, 2013, 06:58:51 AM »

Hi, I was looking at the 'login_after' hook, but I don't really understand how to hook into it.

If a simple example plugin could be provided I could try and go from there..?

Author Topic: weak password detection upon login - redirect to password plugin (Read 5234 times)

cusco

weak password detection upon login - redirect to password plugin

ABerglund

Re: weak password detection upon login - redirect to password plugin

SKaero

Re: weak password detection upon login - redirect to password plugin

cusco

Re: weak password detection upon login - redirect to password plugin