GB Password Strength

iPurpl3x

@DursunCan & @Trombert This update should fix your issues. Thanks again for your feedback.

Release v2.0.1

Thank you for reporting bugs and feedback!

Changelog:

Fixed things so that it is actually possible to log-in or sign-up. In the previous release, the value of the password field was not saved correctly 🙈.
Compatibility with nearata/flarum-ext-signup-confirm-password
Conflict with therealsujitk/flarum-ext-show-password

matteocontrini

Is there a reason why this extension amounts for almost 1 MB of the forum bundle? 🤔 it's like double what core weighs...

IanM

3.0.0

Note There is no beta 16 support from this extension, 2.0.1 is the latest release for beta 15, 3.0.0 requires Flarum 1.0 or above

❗️ Not compatible with beta 16, but compatible with beta 15 and lower or v1.0 and up.

wonderbeel

Seems to be related to bundling the entire zxcvbn here.
Dropbox has some suggestions to improve the performance hit,I am still looking around to understand how flarum works but I think that it shouldn't be too difficult to load the library asyncronously.

matteocontrini

wonderbeel Flarum doesn't support lazy loading, but it's always possible to load an external file "on demand". For example the Emoji Picker extension by @clarkwinkelmann does that, and I think also @Kyrne's Websocket extension.

wonderbeel

Yup, something similar to this should work in this case.
BTW looking at the issues it seems that zxcvbn isn't mantained anymore and that there is a newer fork that supports i18n and multiple keyboard layouts, maybe it is better to make the switch?

iPurpl3x

wonderbeel Good to know, I will take a look when I have some time.

[deleted]

@anyModerator please add incompatible tag as it is not supported for 16 beta

luceos

[deleted] thanks for letting us know, feel free to use the flag functionality next time 😉

IanM

Cross posting from here

I've been commissioned by @glowingblue to update this extension in the coming days ready for Flarum 1.0

Either myself or @glowingblue / @iPurpl3x will post back here once it's ready

Justman10000

@glowingblue

You have to install it with

composer require glowingblue/password-strength:*

composer require glowingblue/password-strength

joanaranda

Is there any way to force that only "Strong" or, at least, "Could be stronger" passwords are accepted? I think that the value of the extension would be much higher if it could be used to prevent weak passwords and not only to inform about them.

iPurpl3x

joanaranda I guess there is a way to add that for sure. A PR would be welcome, but from our side (@glowingblue) we don't plan to add that feature.

Derbosik

iPurpl3x The extension modifies the password field, erroring out when using a 2FA extension like ianm-twofactor. Disabling your extension fixes it. (Can you possibly find a way to mitigate this so that both extensions can work in harmony?)

davetodave178

Derbosik Thanks for the notice. We'll address this in the next 1–2 weeks.

davetodave178

Derbosik Has version 4.0.0 resolved the issue in your case?

glowingblue

4.0.0

chore: update js build workflow by @davetodave178 in glowingblue/flarum-ext-password-strength2
fix: only customize password item if key available by @davetodave178 in glowingblue/flarum-ext-password-strength3

Updating

composer require glowingblue/password-strength:"*"
php flarum cache:clear

Derbosik

Yes

« Previous Page