[buddypress-trac] [BuddyPress Trac] #8589: Enforce strong passwords within user profile settings

buddypress-trac noreply at wordpress.org
Sat Dec 4 18:54:51 UTC 2021

#8589: Enforce strong passwords within user profile settings
 Reporter:  niftythree             |       Owner:  imath
     Type:  enhancement            |      Status:  assigned
 Priority:  normal                 |   Milestone:  10.0.0
Component:  Templates              |     Version:
 Severity:  normal                 |  Resolution:
 Keywords:  has-patch 2nd-opinion  |
Changes (by imath):

 * keywords:  needs-patch => has-patch 2nd-opinion


 Hi @niftythree

 8589.patch] is bringing the needed code to enforce a level of password. By
 default it allows any password, but you can define a constant to enforce a
 strong (or less strong password).

 `define( 'BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH', 4 ); // 4 is the
 strength score for strong passwords.`

 It only applies to BuddyPress generated template on the front end
 (registration/Member's general settings page). This means it doesn't
 change anything to WordPress only parts (eg: the WP Admin user profile, or
 the lost password WP Login screen).

 Reading the [https://buddypress.org/support/topic/require-strong-password-
 in-profile-edit/ support topic] you linked in your description, I guess
 there's already a WordPress Plugin doing the job, so we shouldn't mess
 with him imho 😉.

 @dcavins or @vapvarun what are you thoughts about this feature?

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8589#comment:4>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list