Skip to:
Content
Pages
Categories
Search
Top
Bottom

strong passwords


  • cwjordan
    Participant

    @cwjordan

    There are several plugins for WordPress that force users to use strong passwords. I’ve tried a couple with Buddypress 1.8.1 on WordPress 3.6.1 (“enforce strong passwords” and “login security solution”) and they don’t enforce strong passwords if a user goes to the Buddypress “General Settings” page and changes their password there.

    Has anyone found a solution that works with Buddypress to enforce strong passwords?

Viewing 7 replies - 1 through 7 (of 7 total)

  • Henry
    Member

    @henrywright-1

    @cwjordan just to add – a logged out user can request a password reset link which they can use to enter a new password. This will be another place to enforce strong passwords.


    cwjordan
    Participant

    @cwjordan

    Yes, however since that is a WordPress page, the existing WordPress plugins for enforcing strong passwords should handle that case. I have checked the “enforce strong passwords” plugin and it does enforce strong passwords for the password reset page. It just doesn’t know about the Buddypress “General Settings” page.

    So what I’d like to know is if there are any strong password plugins, or other solutions, that work well with Buddypress.


    shanebp
    Moderator

    @shanebp

    There are pre-submit and post-submit hooks in General Settings
    Look in members\single\settings\general.php

    Write a function that calls your strong password plugin.


    Fabius219
    Participant

    @fabius219

    Hi,
    I’m quite new in Buddypress and I’m not an expert developer.
    Can you tell me, please, how can I call a Policy MAnager Plugin to enforce users to have strong password?
    In addition, can you tell, please, me where can i found this function ‘bp_core_general_settings_before_submit’?
    Thanks very much


    cwjordan
    Participant

    @cwjordan

    Fabius219, I never could quite figure this out. I got as far as figuring out how to modify my theme’s function.php file to add a filter to bp_core_general_settings_before_submit to add the password strength bar to the buddypress settings page, but I couldn’t figure out how to get the “Force Strong Passwords” plugin to enforce that the password must be a certain strength. For the regular WordPress Profile page, that plugin hooks into ‘user_profile_update_errors’, but I don’t see an equivalent hook in buddypress/bp-settings/bp-settings-actions.php, which I think is the right place to look. Googling around I don’t see that anyone else has done it either, which is too bad.


    cwjordan
    Participant

    @cwjordan

    I sat down and tried it and if I do modify bp-settings-actions.php then I can get it to enforce strong passwords just fine. Of course that will break every time Buddypress comes out with a new version, so it’s not really a solution. Sigh.


    danbp
    Moderator

    @danbp

    @fabius219,

    bp_core_general_settings_before_submit is not a function but an action hook.

    bp_core_general_settings_before_submit

    @cwjordan, maybe interesting things to find
    Line 43: http://phpxref.ftwr.co.uk/buddypress/nav.html?bp-core/bp-core-settings.php.source.html

    A bbpress half soluce :

    force strong password at registration

    For inspiration ? This old BP plugin…
    https://wordpress.org/plugins/bp-xtra-signup/
    More recent
    https://wordpress.org/plugins/login-security-solution/ (maybe not compatible with BP)

    If not affraid of expirimentation:
    https://github.com/mgmartel/BuddyPress-Password-Strength-Meter/blob/master/bp-password-strength-meter.php

    For the fun, on @imath ‘s blog (in french), some code to study (php is in english)

    BuddyPress Registration : mon expérience fumante !

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘strong passwords’ is closed to new replies.
Skip to toolbar