@cwjordan just to add – a logged out user can request a password reset link which they can use to enter a new password. This will be another place to enforce strong passwords.
Yes, however since that is a WordPress page, the existing WordPress plugins for enforcing strong passwords should handle that case. I have checked the “enforce strong passwords” plugin and it does enforce strong passwords for the password reset page. It just doesn’t know about the Buddypress “General Settings” page.
So what I’d like to know is if there are any strong password plugins, or other solutions, that work well with Buddypress.
There are pre-submit and post-submit hooks in General Settings
Look in members\single\settings\general.php
Write a function that calls your strong password plugin.
Hi,
I’m quite new in Buddypress and I’m not an expert developer.
Can you tell me, please, how can I call a Policy MAnager Plugin to enforce users to have strong password?
In addition, can you tell, please, me where can i found this function ‘bp_core_general_settings_before_submit’?
Thanks very much
Fabius219, I never could quite figure this out. I got as far as figuring out how to modify my theme’s function.php file to add a filter to bp_core_general_settings_before_submit to add the password strength bar to the buddypress settings page, but I couldn’t figure out how to get the “Force Strong Passwords” plugin to enforce that the password must be a certain strength. For the regular WordPress Profile page, that plugin hooks into ‘user_profile_update_errors’, but I don’t see an equivalent hook in buddypress/bp-settings/bp-settings-actions.php, which I think is the right place to look. Googling around I don’t see that anyone else has done it either, which is too bad.
I sat down and tried it and if I do modify bp-settings-actions.php then I can get it to enforce strong passwords just fine. Of course that will break every time Buddypress comes out with a new version, so it’s not really a solution. Sigh.