By default, AppGini accepts ANY password - as simple as 1 x character - which is not exactly ideal if you are trying to protect sensitive data.
I recently had cause to force strong passwords (combination of uppercase, lowercase, numeric, special character and at least 8 characters) on a project I was working on in order to comply with a security audit. With the assistance of Ahmad of AppGini, we've managed to implement the required code with minimal editing required.
Two files require editing: language-admin.php and admin/pageEditMember.php (or only admin/pageEditMember.php if you're not interested in informing Admins that strong Passwords are required).
For anybody who might be interested, I've attached the two edited files. Simpler than trying to explain. The attached are V5.50 files. Adding the same code works back as far as V5.30 but beyond that I have no idea if it will work. Editing is minimal and code has only been added - no major hacks involved. Of course if you do use this code you will have to replace it again if you overwrite your project with updated AppGini files.
New code in admin/pageEditMember.php is commented so just search "strong password" to see what's been added (starts on lines 5, 63 & 96). Feel free to edit to your own requirements.
How to force Strong Passwords
Attachments:
- Strong-Password.zip (11.5 KiB)
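The policy described in the first post (uppercase, lowercase, numeric, special character, at least 8 characters), written out as an added example. It is not taken from the attached files or from AppGini; `strong_password_errors()` is a hypothetical helper name, and the code assumes PHP 7.4+ with the mbstring extension.

```php
<?php
// Added example: hypothetical helper, not part of AppGini or of the attached files.

/**
 * Check a candidate password against the policy from the post.
 * Returns the list of unmet rules; an empty array means the password passes.
 */
function strong_password_errors(string $password, int $minLength = 8): array
{
    // Reject invalid UTF-8 first: with the /u flag preg_match() returns false
    // on malformed input, which would otherwise be reported as a missing class.
    if (!mb_check_encoding($password, 'UTF-8')) {
        return ['valid UTF-8 input'];
    }

    $errors = [];

    // Count characters, not bytes, so multibyte input is measured correctly.
    if (mb_strlen($password, 'UTF-8') < $minLength) {
        $errors[] = "at least {$minLength} characters";
    }

    // One pattern per required character class.
    $rules = [
        'an uppercase letter' => '/\p{Lu}/u',
        'a lowercase letter'  => '/\p{Ll}/u',
        'a digit'             => '/\p{Nd}/u',
        'a special character' => '/[^\p{L}\p{N}\s]/u', // not letter, digit or whitespace
    ];
    foreach ($rules as $label => $pattern) {
        if (preg_match($pattern, $password) !== 1) {
            $errors[] = $label;
        }
    }

    return $errors;
}

// Constructed sample inputs, from the weakest case the post mentions upward.
foreach (['x', 'password', 'Passw0rd', 'Passw0rd!'] as $candidate) {
    $missing = strong_password_errors($candidate);
    echo str_pad($candidate, 12),
         $missing ? 'rejected, needs: ' . implode(', ', $missing) : 'accepted',
         PHP_EOL;
}
```

A check like this has to run server-side on every path that sets or changes a password, since a rule enforced on only one page can be bypassed through another.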
Re: How to force Strong Passwords
Thanks for sharing, I will be testing it in a coming project I have to do.
AppGini 22.14 - xampp 3.3.0 - PHP 7.4.30 - Summary reports - Calendar - Mass update - Messages - AppGiniHelper