Register Members List Search Today's Posts Mark Forums Read

Mod Options
Password Strength Check Details »
Password Strength Check
Mod Version: 0.9.0, by kh99 (Senior Member) kh99 is offline
Developer Last Online: Sep 2020 I like it Show Printable Version Email this Page

vB Version: 3.8.x Rating: (8 votes - 4.88 average) Installs: 32
Released: 14 Oct 2013 Last Update: 14 Oct 2013 Downloads: 239
Not Supported Uses Plugins Auto-Template Additional Files Re-usable Code Translations Is in Beta Stage  

What is it?
This mod adds a check for password strength at registration and when a user changes their password. You can specify the minimum length and number of upper case, digits, and other characters you want to require (see screen grab 3), or you can choose a minimum score to allow (based on length and types of characters included, see screen grab 4).

1) Upload the files in the upload directory to the appropriate locations.

2) In the Product Manager in AdminCP, import the product XML file (product-kh99_passwords.xml).

3) In the admincp, go to "[kh99] Password Policy Options" and select the options you want.

1) Uninstall the product from the Product Manager in the AdminCP.

2) Remove the uploaded files.

1) Tested on vb3.8.8. I also test a bit on vb3.8.2 (mostly for php version compatibility) and it seems to work.

0.9.0 (October 14, 2013) - Initial Release

Download Now

Only licensed members can download files, Click Here for more information.


Click image for larger version

Name:	sg1.png
Views:	223
Size:	257.1 KB
ID:	146808   Click image for larger version

Name:	sg3.png
Views:	313
Size:	58.1 KB
ID:	146810   Click image for larger version

Name:	sg4.png
Views:	355
Size:	57.5 KB
ID:	146811   Click image for larger version

Name:	sg2.png
Views:	107
Size:	67.1 KB
ID:	152627  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Password Complexity Check achilles vBulletin 2.x Beta Releases 5 06 Apr 2002 10:19

Old 18 Jun 2014, 17:21
kh99 kh99 is offline
Join Date: Aug 2009
Real name: Kevin
Originally Posted by sinaevil View Post
hi kh99,
thank you for this great add-on, im wating for VB4. tnx.
I'm actually working on it right now, but the vb4 registration process is a little different so it's taking some time to work out the bugs.
Reply With Quote
Old 26 Dec 2014, 17:43
JesWhite JesWhite is offline
Join Date: Apr 2014
Real name: Jes
Originally Posted by kh99 View Post
I'm actually working on it right now, but the vb4 registration process is a little different so it's taking some time to work out the bugs.
waiting for 4.2.2

good work...
Reply With Quote
Old 26 Dec 2014, 17:57
kh99 kh99 is offline
Join Date: Aug 2009
Real name: Kevin
Oops, another one of the things I never finished. I actually thought about that when I saw this mod: and I thought maybe I should get it done, but I kind of hated to release it right after someone else wrote one.

Maybe I'll look at it this weekend.
Reply With Quote
Old 27 Dec 2014, 03:24
blind-eddie's Avatar
blind-eddie blind-eddie is offline
Join Date: Apr 2006
Real name: Tim
I forgot about this one as well... going to install it on my other 3.8 site now, Thank you.
National Arcade Competition Club- NACC All arcade edits will work on vb4.
Check out my heavily modified ibproarcade with over 50,000 games for you, free of charge!
Exclusive arcade addons, edits and skins were made by stangger5 owner of Next Level Arcade
Reply With Quote
Old 27 Oct 2015, 22:54
Alfa1's Avatar
Alfa1 Alfa1 is offline
Join Date: Dec 2005
Its not showing up on /profile.php?do=editpassword
What do I need to add to the template?

ReCaptcha is no longer showing up on registration now that this is added.
Reply With Quote
Old 30 Oct 2015, 22:32
kh99 kh99 is offline
Join Date: Aug 2009
Real name: Kevin
Originally Posted by Alfa1 View Post
Its not showing up on /profile.php?do=editpassword
What do I need to add to the template?

ReCaptcha is no longer showing up on registration now that this is added.
Hmm...I'm not sure what's going on there. If it's affecting the recaptcha, then it might be a javascript problem. You could check the browser error console to see. Unfortunately I don't have time right now to support these mods.
Reply With Quote
Old 01 Nov 2015, 13:47
Alfa1's Avatar
Alfa1 Alfa1 is offline
Join Date: Dec 2005
I understand. Thanks for making this addon.
However, vbulletin is getting too outdated and insecure for me. I am seeing hack attacks left and right and my big board has recently seen a massive attack using IPv6 vulnerability. I need to get off vbulletin ASAP.
Reply With Quote
Old 01 Nov 2015, 13:51
Dave Dave is offline
Join Date: Jun 2010
Real name: Dave
IPv6 vulnerability? Are we talking about DDoS attacks here?
vBulletin can't be blamed for DDoS attacks or a IPv6 vulnerability, unless it actually abuses a vBulletin vulnerability.
__________________ - security, development, exploits, vBulletin

Contact me for custom vBulletin 3/4 work & server/website management.
Reply With Quote
Old 01 Nov 2015, 18:33
Alfa1's Avatar
Alfa1 Alfa1 is offline
Join Date: Dec 2005
See here:
Reply With Quote
Old 01 Nov 2015, 19:06
kh99 kh99 is offline
Join Date: Aug 2009
Real name: Kevin
Originally Posted by Alfa1 View Post
I didn't read that entire thread because I have no interest in the bickering. I also don't know a lot about ipv6, but it seems to me if I were running vbulletin on a server that was reachable via ipv6, I'd configure the web server to listen only to the ipv4 address, then remove any ipv6 DNS records from my domain name. It seems like that would avoid the issue until ipv4 doesn't work any more. But maybe there's some reason I don't understand for not doing that.
Reply With Quote
Old 27 May 2016, 16:55
VIP Hawaii VIP Hawaii is offline
Join Date: Sep 2008
Question Cannot log in as Administrator at all now!

I don't know what happened, but, early on in my installation of VBulletin and various products, I installed your Password Strength Check mod .... after some 6 months of work, all of a sudden the 180 day password expiration message popped up ... I went, 'ugh', and figured OK I'll just change the password, or if I don't want this message popping up, I'll just disable the product so I can log in again ...

Since at that moment I still had a current cookie-supported AdminCP login, I tried a few things : Apparently just disabling the product from within its own AdminCP controls did not work, so I tried disabling it from Products Manager ... that didn't work either so I tried to uninstall the product from Products Manager, then removing all the files that were installed ... : that didn't work either!

I finally thought, OK, so somehow this product had 'seen' that my password was 180 days old so it set something into some database file making it so I had to change my password ... so I'll try setting Windows back 14 days so I can fool this product into thinking it's not 180 days yet, then log into the AdminCP, uninstall this product, then change the clock back, and log in again (I also rebooted the computer etc. before trying to log in again) ... even after uninstall and removal of all the product files, as you direct to do in your UNINSTALL instructions, I still cannot log in, getting that "your password is 18x days old" message ... when I click on the link to reset the password, the link will say it's sent my password, but for whatever reason the built-in email function in Vbulletin isn't working ... I even set up HMail server but that doesn't seem to be sending me the mail either... cannot log into the site let alone the AdminCP so without setting the clock back again and trying another login I will not be able to ever get back into the AdminCP ... HOW DO I ***REALLY*** UNINSTALL THIS PRODUCT? If it causes this kind of damage potentially, it should be QUARANTINED ...

I should also mention that I have tried disabling all hooks in /includes/config.php and also had "undeletable users" set for my Administrator account (how then can it have changed my 'old' password then? I thought that config.php rules 'RULED' over all other settings!!!))) ... whenever I would try to paste in my 'old' password (which is definitely correct!) to change the password, I'd get a message saying I had not typed my *current* password in correctly! I have also tried removing all related cookies, restarting Firefox, again, no go. Tried of course, restoring older versions of the database (after installation of this mod but before the 180 days had passed), resetting the clock backwards, then forwards, still no go. Tried logging in using tools.php ... this seemed to work once, then would not work again ... still can't get in. I finally tried resetting the clock to present time, then tried tools.php Admin restore, then tried going to the password modification page this mod presents ... I removed whatever was in the 'old password' field, put in my newer password after having changed it in AdminCP at some point ... no go. Tried putting in the OLD password, and for some reason (still unknown to me), I was able to change the password ... then tried logging out, then in again as Administrator and was able to log into AdminCP ... right at the moment things look pretty normal again ... but : (soap opera music plays) 1. Will I be able to uninstall this thing successfully? 2. Will I get locked out again in about 6 months? 3. Will I be able to get back in again? 4. Will this happen to my other users? 5. Will this mod ever be fixed and updated?

Hey, I can understand if someone does not have the time to support a mod they have created, but when that mod has the capability of LOCKING OUT THE ADMIN, that no-support policy should be changed for that mod, at least until it's fixed.


Last edited by VIP Hawaii; 27 May 2016 at 20:10. Reason: I found a workaround fix which hopefully will not be needed anymore after kh99 fixes this mod!
Reply With Quote
Old 28 May 2016, 16:26
kh99 kh99 is offline
Join Date: Aug 2009
Real name: Kevin
First, I'm sorry that you're having problems. The fact is that while I won't rule out ever making ny changes or releasing fixes, at this point you'd have to consider all my mods as unsupported. And you're right, if one of them has an issue it should be quarantined, although I think that may only done for security issues and not for bugs.

That said, if I understand you correctly you seem to believe that the "Your password is 180 days old" screen is displayed by my mod, but it's not, that's a feature of vbulletin. It can be turned off by a setting somewhere I believe, but I have no way of finding which one right now. Maybe I'mm not understanding what you're saying, because I don't really understand why you didn't just change your password.
Reply With Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

New To Site? Need Help?

All times are GMT. The time now is 19:59.

Layout Options | Width: Wide Color: