PHPackages double-star-systems/zxcvbn-symfony - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. double-star-systems/zxcvbn-symfony ActiveLibrary[Validation & Sanitization](/categories/validation) double-star-systems/zxcvbn-symfony ================================== Password strength validator for Symfony framework. Based on Dropbox's zxcvbn project. 1.0.2(4y ago)0103↓50%MPL-2.0PHP Since Jul 28Pushed 4y agoCompare [ Source](https://github.com/Double-Star-Systems/zxcvbn-symfony)[ Packagist](https://packagist.org/packages/double-star-systems/zxcvbn-symfony)[ RSS](/packages/double-star-systems-zxcvbn-symfony/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (3)Versions (5)Used By (0) Zxcvbn Symfony Bundle ===================== [](#zxcvbn-symfony-bundle) Password strength constraint for Symfony validator component. Based on the [zxcvbn project](https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/)from Dropbox and @lowe, this is using [zxcvbn-php](https://github.com/bjeavons/zxcvbn-php)under the hood for password strength estimation. > zxcvbn attempts to give sound password advice through pattern matching and conservative entropy calculations. It finds 10k common passwords, common American names and surnames, common English words, and common patterns like dates, repeats (aaa), sequences (abcd), and QWERTY patterns. Installation ------------ [](#installation) The library can be installed with [Composer](http://getcomposer.org) by adding it as a dependency to your composer.json file. ``` $ composer require double-star-systems/zxcvbn-symfony ``` Usage ----- [](#usage) The constrint can be attached to an entity field using an annotation. ``` use DoubleStarSystems\ZxcvbnSymfony\Constraint\PasswordStrength; class User { /** * @PasswordStrength(min_score=3, message="Custom message for weak password error") */ private $password; } ``` You may simply use the simpler `@PasswordStrength(3)` form for a minimum password score of `3`, if you don't need a custom message. More information on validation with Symfony validator can be found in [the documentation](http://symfony.com/doc/current/book/validation.html). Alternatively, the constraint can be added directly to form fields. ``` use DoubleStarSystems\ZxcvbnSymfony\Constraint\PasswordStrength; use Symfony\Component\Form\Extension\Core\Type\PasswordType; public function buildForm(FormBuilderInterface $builder, array $options) { $builder ->add('password', PasswordType::class, [ 'required' => true, 'constraints' => [ new PasswordStrength(['min_score' => 3]), ], ]) ; } ``` Score ----- [](#score) The score is an integer from 0-4 (you can mentally represent it as a strength bar) - `0` too guessable: risky password. (guesses < 10^3) - `1` very guessable: protection from throttled online attacks. (guesses < 10^6) - `2` somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) - `3` safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10) - `4` very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10) License ------- [](#license) This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at . See the [complete license](LICENSE). This project is a fork of Mathieu Darse's [Password Strength Validator](https://github.com/mdarse/password-strength-validator) which is no longer in active development. ### Health Score 29 — LowBetter than 59% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community8 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor1 Top contributor holds 60% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1013 days Total 3 Last Release 1555d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/2d0b02b1400c4c24d0caf4adc94bfbf6baf5b3453fb339bec94a9971738a5535?d=identicon)[roygoldman](/maintainers/roygoldman) --- Top Contributors [![richgerdes](https://avatars.githubusercontent.com/u/1626100?v=4)](https://github.com/richgerdes "richgerdes (3 commits)")[![mdarse](https://avatars.githubusercontent.com/u/484720?v=4)](https://github.com/mdarse "mdarse (2 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/double-star-systems-zxcvbn-symfony/health.svg) ``` [![Health](https://phpackages.com/badges/double-star-systems-zxcvbn-symfony/health.svg)](https://phpackages.com/packages/double-star-systems-zxcvbn-symfony) ``` ### Alternatives [olssonm/l5-zxcvbn Implementation of the zxcvbn project by @dropbox for Laravel. Uses zxcvbn-php by @bjeavons. 28311.1k1](/packages/olssonm-l5-zxcvbn)[sllh/iso-codes-validator Symfony validator wrapper of ronanguilloux/isocodes 37299.8k2](/packages/sllh-iso-codes-validator)[ziming/laravel-zxcvbn Zxcvbn Password validation rule for Laravel 3056.7k](/packages/ziming-laravel-zxcvbn)[digitalrevolution/symfony-validation-shorthand Validation shorthand for symfony 12108.5k2](/packages/digitalrevolution-symfony-validation-shorthand)[digitalrevolution/symfony-request-validation Automatic request validation for symfony 1296.0k](/packages/digitalrevolution-symfony-request-validation) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)