This module adds validation of common passwords to the customer Web API using Dropbox's zxcvbn password strength estimator.
Add the module repository to composer.json
"repositories": [
{"type": "vcs", "url": "git@github.com:WeareJH/m2-module-password-policy.git"}
]
then run the following commands
$ composer require wearejh/m2-module-password-policy
$ php bin/magento setup:upgradeScores are integers from 0 to 4
| Score | Description |
|---|---|
| 0 - Very Weak | Passwords are too guessable (Allows risky passwords) |
| 1 - Weak | Passwords are very guessable (Offers protection from throttled online attacks) |
| 2 - Medium | Passwords are somewhat guessable (Offers protection from unthrottled online attacks) |
| 3 - Strong | Passwords are safely unguessable (Offers moderate protection from offline slow-hash scenario) |
| 4 - Very Strong | Passwords unguessable (Offers strong protection from offline slow-hash scenario) |
Navigate to the following admin path to manage settings
Stores > Configuration > JH Modules > Password Policy
