Skip to content
Snippets Groups Projects
Select Git revision
  • 4.0.x
  • 8.x-3.x
  • 7.x-2.x
  • 7.x-1.x
  • 6.x-1.x
  • 4.7.x-1.x
  • 5.x-1.x
  • 4.0.3
  • 4.0.2
  • 4.0.1
  • 4.0.0
  • 8.x-3.2
  • 8.x-3.1
  • 8.x-3.0
  • 8.x-3.0-beta1
  • 8.x-3.0-alpha5
  • 7.x-2.0-alpha8
  • 7.x-1.16
  • 8.x-3.0-alpha4
  • 7.x-1.15
  • 7.x-1.14
  • 7.x-2.0-alpha7
  • 7.x-1.13
  • 8.x-3.0-alpha3
  • 8.x-3.0-alpha2
  • 7.x-2.0-alpha6
  • 8.x-3.0-alpha1
27 results

password_policy

  • Clone with SSH
  • Clone with HTTPS
    • Klaus Purer's avatar
    Issue #3516906 by klausi, vishalkhode: PHP 8.4 nullable types must be explicit
    Klaus Purer authored and Vishal Khode committed
    999abf85
    History
    Klaus Purer's avatar 999abf85
    History
    Name Last commit Last update
    config
    migrations
    password_policy_blacklist
    password_policy_character_types
    password_policy_characters
    password_policy_consecutive
    password_policy_delay
    password_policy_history
    password_policy_length
    password_policy_username
    src
    templates
    tests
    .cspell-project-words.txt
    .gitlab-ci.yml
    .travis.yml
    README.md
    composer.json
    password_policy.api.php
    password_policy.info.yml
    password_policy.install
    password_policy.links.action.yml
    password_policy.links.menu.yml
    password_policy.module
    password_policy.permissions.yml
    password_policy.routing.yml
    password_policy.services.yml
    README.md

    Password Policy

    This is a Drupal 8 module for the Password Policy module. This is comprised of constraints and policies.

    Constraints are different ways that you can restrict a password. A policy is an instance of a constraint that define specific parameters for the constraint.

    Policies are applied through Drupal's role-based permissions system.

    Password Policy comes bundled with a password expiration feature. Policies define a time-based expiration logic (based on days) and administrators have the ability to manually expire all passwords by role.

    Enable

    • Download and enable the module

    Plugins

    All plugins are installed as separate modules. The only policies that are out of the box is the Password Reset feature.

    Configure

    • Enable all plugin modules
    • Go to Password Policy's configuration page (/admin/config/security/password-policy)
    • Add policies by clicking on the tab for each plugin
    • Go to the permissions page (/admin/people/permissions)
    • Select which roles the policies applies to

    Architecture

    • Password Policy provides a plugin manager that defines an interface for constraints and the constraint's policies
    • Policies are implemented as permissions and enforced on the user form
    • Password expiration implements an event subscriber and forces a user to his/her user form upon expiration
    • Password time-based expiration leverages cron for tagging accounts as expired
    • Externally authenticated users (via externalauth module) are excluded from validation and time-based expiration