[nycphp-talk] password strength enforcement
Mitch Pirtle
mitchy at spacemonkeylabs.com
Fri Apr 9 13:58:51 EDT 2004
David Mintz wrote:
>Just wondering what techniques you guys use for enforcing password
>strength on users when they create their own. I'm considering requiring as
>a mimimum eight characters including at least one digit but I might decide
>to do more.
>
>Anybody have any good snippets or tips?
>
Yeah - use PEAR::HTML_QuickForm for the password management screens, and
use the provided rules to ensure alphanumeric-ness and so on. Makes it
easy.
If password changes occur outside of PHP, then we are into a whole
different realm... Some databases have the means of enforcing these
types of rules, not sure about MySQL- this could at least throw an error
if the proposed password was not compliant.
-- Mitch
More information about the talk
mailing list