PHPackages                             double-star-systems/zxcvbn-symfony - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation &amp; Sanitization](/categories/validation)
4. /
5. double-star-systems/zxcvbn-symfony

ActiveLibrary[Validation &amp; Sanitization](/categories/validation)

double-star-systems/zxcvbn-symfony
==================================

Password strength validator for Symfony framework. Based on Dropbox's zxcvbn project.

1.0.2(4y ago)0132↓75%MPL-2.0PHP

Since Jul 28Pushed 4y agoCompare

[ Source](https://github.com/Double-Star-Systems/zxcvbn-symfony)[ Packagist](https://packagist.org/packages/double-star-systems/zxcvbn-symfony)[ RSS](/packages/double-star-systems-zxcvbn-symfony/feed)WikiDiscussions master Synced today

READMEChangelogDependencies (3)Versions (5)Used By (0)

Zxcvbn Symfony Bundle
=====================

[](#zxcvbn-symfony-bundle)

Password strength constraint for Symfony validator component. Based on the [zxcvbn project](https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/)from Dropbox and @lowe, this is using [zxcvbn-php](https://github.com/bjeavons/zxcvbn-php)under the hood for password strength estimation.

> zxcvbn attempts to give sound password advice through pattern matching and conservative entropy calculations. It finds 10k common passwords, common American names and surnames, common English words, and common patterns like dates, repeats (aaa), sequences (abcd), and QWERTY patterns.

Installation
------------

[](#installation)

The library can be installed with [Composer](http://getcomposer.org) by adding it as a dependency to your composer.json file.

```
$ composer require double-star-systems/zxcvbn-symfony

```

Usage
-----

[](#usage)

The constrint can be attached to an entity field using an annotation.

```
use DoubleStarSystems\ZxcvbnSymfony\Constraint\PasswordStrength;

class User
{
    /**
     * @PasswordStrength(min_score=3, message="Custom message for weak password error")
     */
    private $password;
}
```

You may simply use the simpler `@PasswordStrength(3)` form for a minimum password score of `3`, if you don't need a custom message.
More information on validation with Symfony validator can be found in [the documentation](http://symfony.com/doc/current/book/validation.html).

Alternatively, the constraint can be added directly to form fields.

```
use DoubleStarSystems\ZxcvbnSymfony\Constraint\PasswordStrength;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;

public function buildForm(FormBuilderInterface $builder, array $options)
{
    $builder
        ->add('password', PasswordType::class, [
            'required' => true,
            'constraints' => [
                new PasswordStrength(['min_score' => 3]),
            ],
        ])
    ;
}
```

Score
-----

[](#score)

The score is an integer from 0-4 (you can mentally represent it as a strength bar)

- `0` too guessable: risky password. (guesses &lt; 10^3)
- `1` very guessable: protection from throttled online attacks. (guesses &lt; 10^6)
- `2` somewhat guessable: protection from unthrottled online attacks. (guesses &lt; 10^8)
- `3` safely unguessable: moderate protection from offline slow-hash scenario. (guesses &lt; 10^10)
- `4` very unguessable: strong protection from offline slow-hash scenario. (guesses &gt;= 10^10)

License
-------

[](#license)

This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at .
See the [complete license](LICENSE).

This project is a fork of Mathieu Darse's [Password Strength Validator](https://github.com/mdarse/password-strength-validator) which is no longer in active development.

###  Health Score

29

—

LowBetter than 57% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity11

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity66

Established project with proven stability

 Bus Factor1

Top contributor holds 60% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~1013 days

Total

3

Last Release

1601d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/2d0b02b1400c4c24d0caf4adc94bfbf6baf5b3453fb339bec94a9971738a5535?d=identicon)[roygoldman](/maintainers/roygoldman)

---

Top Contributors

[![richgerdes](https://avatars.githubusercontent.com/u/1626100?v=4)](https://github.com/richgerdes "richgerdes (3 commits)")[![mdarse](https://avatars.githubusercontent.com/u/484720?v=4)](https://github.com/mdarse "mdarse (2 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/double-star-systems-zxcvbn-symfony/health.svg)

```
[![Health](https://phpackages.com/badges/double-star-systems-zxcvbn-symfony/health.svg)](https://phpackages.com/packages/double-star-systems-zxcvbn-symfony)
```

###  Alternatives

[easycorp/easyadmin-bundle

Admin generator for Symfony applications

4.3k17.9M388](/packages/easycorp-easyadmin-bundle)[api-platform/core

Build a fully-featured hypermedia or GraphQL API in minutes!

2.6k51.2M339](/packages/api-platform-core)[prestashop/prestashop

PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers.

9.1k17.8k](/packages/prestashop-prestashop)[rcsofttech/audit-trail-bundle

Enterprise-grade, high-performance Symfony audit trail bundle. Automatically track Doctrine entity changes with split-phase architecture, multiple transports (HTTP, Queue, Doctrine), and sensitive data masking.

1189.8k](/packages/rcsofttech-audit-trail-bundle)[api-platform/serializer

API Platform core Serializer

274.8M87](/packages/api-platform-serializer)[api-platform/validator

API Platform validator component

274.6M27](/packages/api-platform-validator)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
