Password policy
This module provides a way to specify a certain level of password complexity (aka. "password hardening") for user passwords on a system by defining a password policy.
A password policy can be defined with a set of constraints which must be met before a user password change will be accepted. Each constraint has a parameter allowing for the minimum number of valid conditions which must be met before the constraint is satisfied.
Example: an uppercase constraint (with a parameter of 2) and a digit constraint (with a parameter of 4) means that a user password must have at least 2 uppercase letters and at least 4 digits for it to be accepted.
Current constraints include:
- Complexity constraint
- Digit constraint
- Letter constraint
- Letter/Digit constraint (Alphanumeric)
- Length constraint
- Uppercase constraint
- Lowercase constraint
- Punctuation constraint
- Delay constraint
- Username constraint
- Digit placement constraint
- History constraint (checks hashed password against a collection of users previous hashed passwords looking for recent duplicates)
The module also implements a password expiration feature. The user gets blocked or is forced to change his password when his old password expires.
The module was written by David Ayre. Enhanced and maintained by Miglius Alaburda.
Developed by OpenBand, an M.C. Dean, Inc. company.
Releases
| Official releases | Date | Size | Links | Status | |
|---|---|---|---|---|---|
| 6.x-1.0-alpha2 | 2009-Jun-04 | 33.78 KB | Download · Release notes | Recommended for 6.x |  |
| 5.x-1.0-alpha1 | 2008-Aug-12 | 19.91 KB | Download · Release notes | Recommended for 5.x | |
| Development snapshots | Date | Size | Links | Status | |
|---|---|---|---|---|---|
| 6.x-1.x-dev | 2009-Jun-14 | 34.19 KB | Download · Release notes | Development snapshot |  |
