New posts New resources New threads Most answered Most reaction Most viewed threads

Welcome to My iptv forum

  • Everyone is invited! My iptv forum is for everyone, new and advanced user alike!
  • Searching is key! Before you post a question, use the forum search feature to determine whether your topic has already been covered.
  • Do not start flame wars! If someone has engaged in behavior that is detrimental to the discussion -- spamming, harassment, etc -- report the post and we'll take a look.

    • Resource icon

    XenForo Password Tools 3.9.0 3.9.0

    Get access to Download
    Overview Updates (10) Old Version Discussion (11)
    XenForo 2.x Free.
    XenForo Password Tools 3.9.0
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    e3c6637c37483.png

    This modification mostly follows the principles of Dan Wheelers password strength estimator zxcvbn. It does not weight password strength by their combination of upper/lower letters, special characters and numbers, but on how easy they are to crack in reality.

    To increase the safety of your users account, you can force them to use passwords of a minimum length, minimum strength and even force them to exclude certain words from their passwords (like your site name, the topic your site refers to, etc.).

    But the other side of the equation, is no matter how secure the password is, if it has been compromised not password strength estimator will help make it better. As such NIST has the following guidance: check passwords against those obtained from previous data breaches. Pwned Password integration does that.

    zxcvbn Readme said:
    zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative entropy calculations, it recognizes and weighs 10k common passwords, common names and surnames according to US census data, popular English words, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.

    Consider using zxcvbn as an algorithmic alternative to password policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".

    Features
    • Show password feature, allow users to toggle to see what they have actually entered.
    • Show users how strong their passwords really are when it comes to crack-attempts
    • Deliver instant feedback if password and password-confirm match and/or certain requirements are not met
    • Force users to choose passwords with a minimum strength
    • Force users to choose passwords with a minimum length
    • Force users to chooce a password not containing words from a blacklist you define
    • No cheating: This modification also controls users passwords on server side with Ben Jeavos php-implementation of zxcvbn.
    • Easy styling through XenForo Style Properties
    Options :

    d250ad1f8c884.png
    Click to expand...

    Read more about this resource...
     
    Relate Threads
    Mod Tools Improvements 1.3.5 by Xenforo,
    [OzzModz] Admin Tools Collapse Lists 2.1.2 by Xenforo,
    GeoIP Moderator Tools 1.0.0.1 by Xenforo,
    MD: Thread Password 1.0.1 by Xenforo,
    WBB - Thread Password 1.0.0 by Xenforo,
    [GT] Password Strength Reskin 1.0.0 by Xenforo,
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    Xenforo updated Password Tools 3.6.1 with a new update entry:

    Password Tools 3.6.1

    Thanks to @NamePros for sponsoring this update.
    • Update compromised password alert text to be less awkward
    • On updating passwords, remove any compromised password alerts to avoid user confusion
    • Add "Force email two factor authentication on compromised password" option (default disabled)
    • Add "Pwned password minimum count (soft)" option.
      This allows a user to change a password to a known compromised value which is under a given number of known hits. This still generates...
    Click to expand...

    Read the rest of this update entry...
     
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    Xenforo updated Password Tools 3.7.1 with a new update entry:

    Password Tools 3.7.1

    • Require XenForo 2.2+, drop XF2.1 support
    • Actually implement cron to prune the pwned password hash cache. Old entries where already being ignored, so this will hopefully just reduce MySQL table bloat
    • Fix denial of service attack by preventing too long password which can trigger factorial number of brute force password checks when using Zxcvbn
      • Update new install option defaults to more recommend values:
      • Enforce password complexity for admins
      • Enable "Length check...
    Click to expand...

    Read the rest of this update entry...
     
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    Xenforo updated Password Tools 3.7.5 with a new update entry:

    Password Tools 3.7.5

    • Fix "Minimum time between triggering compromised password alerts on login" operating in seconds instead of hours
    • Fix cases where email 2fa would not be forced enabled on the first login request after a password is discovered as compromised
    • Rename various options to be better searchable
    • Adjust various option defaults to be more robust.
      • 'Minimum password length' from 8 => 10 characters
      • 'Minimum password strength' from 'very weak' to 'weak'
      • 'Pwned password...
    Click to expand...

    Read the rest of this update entry...
     
    Xenforo Offline

    Xenforo

    Member
    Trusted Member
    +Lifetime VIP
    New member
    Member
    Apr 4, 2020
    5,541
    5,408
    113
    Turkey
    updated Password Tools 3.8.2 with a new update entry:

    Password Tools 3.8.2

    • Fix changing user entity while a write is pending in some cases
    • Add "Use rejected password fragments in password meter" option (default disabled).
      Take rejected password fragments into consideration when showing the password strength meter to the user.
      Security note: this makes the full list of rejected password fragments visible to end users; ensure that there aren't any sensitive password fragments before enabling.
    Click to expand...

    Read the rest of this update entry...
     

    Create an account or login to comment

    You must be a member in order to leave a comment

    Create account

    Create an account on our community. It's easy!

    Register

    Log in

    Already have an account? Log in here.

    Top Posters of the Month

    Latest posts

    Latest resources

    Online statistics

    Members online
    114
    Guests online
    584
    Total visitors
    698
    Totals may include hidden visitors.

    Latest eCommerce products

    Share this page

    18,430Threads
    64,639Messages
    63,169Members
    rochehousetxLatest member

    Forum Rules

  • The ONLY language allowed in this forum is ENGLISH and it should be used in ALL POSTS.
  • Asking other Members to hit Likes is forbidden! Earn your likes with sharing good Stuff!
  • Asking other Members for links is forbidden!
  • No trolling. Don't make posts that are inflammatory just to get people riled up. The substance is the key to not being labelled a troll.
  • It is strictly forbidden to trick other members with empty Hidden text, (if fund will get banned)
    • Top