weak password detection upon login - redirect to password plugin

cusco · August 28, 2013, 06:53:15 AM

Hi,

I would like, somehow the ability to persuade users to change their password if does not meet 'strong password' requirements

- like in password plugin: if ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd)))

Ideally would pop-up a message stating password seems to be weak and user should consider changing it, and even forward to the password plugin page...

This would persuade users to change their passwords.

I guess a simple plugin hooked into login could do this, but i'm not great on roundcube plugins ...

any hints?

ABerglund · August 28, 2013, 11:17:19 AM

I am greatly interested in this as well. I have added a strength checker and display to the password plugin, but would love to have a test like this for passwords that pre-date the current password requirements.

SKaero · August 28, 2013, 02:55:35 PM

It wouldn't be to hard with the login_after hook. IF I get some time this weekend I'll see if I can throw together a example plugin.

cusco · September 04, 2013, 06:58:51 AM

Hi, I was looking at the 'login_after' hook, but I don't really understand how to hook into it.

If a simple example plugin could be provided I could try and go from there..?

weak password detection upon login - redirect to password plugin

cusco

ABerglund

SKaero

cusco