[Xon] Password Tools 3.11.1

[newimage]

newimage submitted a new resource:

Password Tools 3.2.2 - Password

Password Tools
Description

Source
This modification mostly follows the principles of Dan Wheelers password strength estimator zxcvbn. It does not weight password strength by their combination of upper/lower letters, special characters and numbers, but on how easy they are to crack in reality.

To...

Read more about this resource...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.5.0 - Feature update

• Force global namespace for functions which are known to be optimizable to bytecode in php, or known global functions to avoid a current namespace lookup for the function.
• Add "On login; alert the user if they have a known compromised password" option (default enabled)
• Add "Minimum time between triggering compromised password alerts on login" option (default 24 hours)

Read the rest of this update entry...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.6.1 - Feature update

Thanks to @NamePros for sponsoring this update.

• Update compromised password alert text to be less awkward
• On updating passwords, remove any compromised password alerts to avoid user confusion
• Add "Force email two factor authentication on compromised password" option (default disabled)
• Add "Pwned password minimum count (soft)" option.
  This allows a user to change a password to a known compromised value which is under a given number of known hits. This still generates...

Read the rest of this update entry...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.6.2

• Reduce queries when triggering forced email 2fa
• Prevent rare DuplicateKeyException when forcing email 2fa and multiple tabs are being used

Read the rest of this update entry...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.6.3

• Dramatically reduce redistributable size by trimming unneeded files
• php 8.1 compatibility fix

Read the rest of this update entry...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.6.4

• Fix edge case where 32bit php would incorrectly report a very strong password was weak due to bad float to integer truncation.
• Recommend ext-gmp (aka php-gmp) for optimized binomial calculations, which requires php 7.3+

Read the rest of this update entry...

 

[newimage]

newimage updated Password Tools with a new update entry:

3.6.5

• Switch back to upstream bjeavons/zxcvbn-php library as it should be fully php 8.1 compatible.
• More 32bit php fixes, Thanks to @NamePros

Read the rest of this update entry...

 

[newimage]

thanks to dear member @jessy updated [Xon] Password Tools with a new update entry:

3.7.1

• Require XenForo 2.2+, drop XF2.1 support
• Actually implement cron to prune the pwned password hash cache. Old entries where already being ignored, so this will hopefully just reduce MySQL table bloat
• Fix denial of service attack by preventing too long password which can trigger factorial number of brute force password checks when using Zxcvbn
  • Update new install option defaults to more recommend values:
  • Enforce password complexity for admins
  • Enable "Length check...

Read the rest of this update entry...

 

[newimage]

thanks to dear member @jessy updated [Xon] Password Tools with a new update entry:

3.7.3

• Improve detection of admin/automated edits for the "Enforce password complexity for admins" feature.

Read the rest of this update entry...

 

[jessy]

thanks to dear member @jessy updated [Xon] Password Tools with a new update entry:

3.7.4

• Fix password checks could incorrectly apply when resetting a user's password

Read the rest of this update entry...