PHPackages fadonougbo/password-policy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. fadonougbo/password-policy ActiveLibrary[Validation & Sanitization](/categories/validation) fadonougbo/password-policy ========================== Password validation Library v1.0.0(2y ago)06MITPHP Since Mar 28Pushed 1y ago1 watchersCompare [ Source](https://github.com/Fadonougbo/passwordPolicy)[ Packagist](https://packagist.org/packages/fadonougbo/password-policy)[ Docs](https://github.com/Fadonougbo/passwordPolicy)[ RSS](/packages/fadonougbo-password-policy/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) PasswordPolicy is a library that allows defining various validation rules for passwords. Installation ------------ [](#installation) ``` composer require fadonougbo/password-policy ``` Usage ----- [](#usage) #### Create a new instance of PasswordPolicy [](#create-a-new-instance-of-passwordpolicy) ``` use PasswordPolicy\PasswordPolicy; $policy=new PasswordPolicy('paswword'); ``` #### Now add rule [](#now-add-rule) ``` use PasswordPolicy\PasswordPolicy; $status=(new PasswordPolicy('password')) ->withLowercase() // [a-z] ->withUppercase() // [A-Z] ->withNumber() // [0-9] ->withSymbol() // [\W_] ->getStatus(); var_dump($status); ``` ``` true ``` #### The methods `withLowercase`, `withUppercase`, `withSymbol`, and `withNumber` can take a minimum or maximum value as a parameter, representing the accepted number of occurrences. [](#the-methods-withlowercase-withuppercase-withsymbol-and-withnumber-can-take-a-minimum-or-maximum-value-as-a-parameter-representing-the-accepted-number-of-occurrences) ``` use PasswordPolicy\PasswordPolicy; $password=$_POST['password']; $status=(new PasswordPolicy($password)) ->withLowercase(2) // minimum 2 lowercase letters ->withUppercase(2,3) // 2 to 3 uppercase letters ->withNumber(max:1) // 0 or 1 number ->withSymbol(1,1) // 1 symbol ->getStatus(); if($status) { echo 'Very good'; }else { echo 'error'; } ``` passwordvalidateduseR@aMin0truesJw\*Bctrue2002doefalse#### You can use the `getData` method to get much more information. [](#you-can-use-the-getdata-method-to-get-much-more-information) ``` use PasswordPolicy\PasswordPolicy; $data=(new PasswordPolicy('%USERmsjah22')) ->withLowercase() // 0 or more lowercase letters ->withUppercase(4) // minimum 4 uppsercase letters ->withSymbol(max:3) // 0 to 3 symbol ->getData(); echo $data->password; echo $data->status; echo $data->length; ``` ``` %USERmsjah22 true 12 ``` #### Attention, if you want the complete absence of numbers in the password, you must specify it in the `withNumber` method. The same goes for lowercase letters, uppercase letters, and symbols. [](#attention-if-you-want-the-complete-absence-of-numbers-in-the-password-you-must-specify-it-in-the-withnumber-method-the-same-goes-for-lowercase-letters-uppercase-letters-and-symbols) ``` use PasswordPolicy\PasswordPolicy; $password=$_POST['password']; $status=(new PasswordPolicy($password)) ->withLowercase(0,0) // 0 lowercase letter ->withUppercase(0,0) // 0 uppercase letter ->withNumber() // 0 or more numbers ->getStatus(); ``` passwordvalidated2003#true9093761trueeiwWS39falsePASSWORDfalse\#\*@(#&true#### The `blockSameCharacters` method invalidates the password if it contains repeated characters a certain number of times. [](#the-blocksamecharacters-method-invalidates-the-password-if-it-contains-repeated-characters-a-certain-number-of-times) e.g: aaaaaa ,bbbbb ,password11111 ``` use PasswordPolicy\PasswordPolicy; $data=(new PasswordPolicy('user222222')) ->blockSameCharacter(4) //Does not accept passwords with a repeated character 4 or more times. ->getData(); echo $data->status; ``` ``` false ``` #### If you want to block a user who uses a previous password, you can use the `blockIf` method [](#if-you-want-to-block-a-user-who-uses-a-previous-password-you-can-use-the-blockif-method) ``` use PasswordPolicy\PasswordPolicy; $oldPasswordHash='$2y$10$i8FPWdu/4B.GV4Cl8Hq80.9p/TjrGncCrhkQYjradFpy6o/CAJnsG'; $status=(new PasswordPolicy('newpassword')) ->blockIf(function($password) use($oldPasswordHash) { return !password_verify($password,$oldPasswordHash); }) ->getStatus(); if($status) { echo 'Yes, it is ok'; }else { echo 'You cannot use an old password.'; } ``` #### You can use `blockCommonPasswords` to block some of the most commonly used passwords in the world, such as azerty or 12345. [](#you-can-use-blockcommonpasswords-to-block-some-of-the-most-commonly-used-passwords-in-the-world-such-as-azerty-or-12345) ``` use PasswordPolicy\PasswordPolicy; $response=(new PasswordPolicy('iloveyou')) ->blockCommonPasswords("This password is too weak") ->getData(); if($response->status) { echo 'Yes, it is ok'; }else { echo $response->messages['blockCommonPasswords']; } ``` ``` This password is too weak ``` NB: If you need to define a list of undesirable passwords, you can use `blockListContent`. #### Define the size of a password with`setLength` [](#define-the-size-of-a-password-withsetlength) ``` use PasswordPolicy\PasswordPolicy; $response=(new PasswordPolicy('JohnD0e2oo2')) ->setLength(6) // min 6 characters ->getData(); ``` ### Health Score 22 — LowBetter than 22% of packages Maintenance28 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 775d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/17fc463333c335810914678eaff482b3e745fa3324e1e29594c8948b29cea40e?d=identicon)[Fadonougbo](/maintainers/Fadonougbo) --- Top Contributors [![Fadonougbo](https://avatars.githubusercontent.com/u/86007581?v=4)](https://github.com/Fadonougbo "Fadonougbo (18 commits)") --- Tags validationpasswordPolicy ### Code Quality TestsPest ### Embed Badge ![Health badge](/badges/fadonougbo-password-policy/health.svg) ``` [![Health](https://phpackages.com/badges/fadonougbo-password-policy/health.svg)](https://phpackages.com/packages/fadonougbo-password-policy) ``` ### Alternatives [composer/semver Version comparison library that offers utilities, version constraint parsing and validation. 3.3k489.6M672](/packages/composer-semver)[giggsey/libphonenumber-for-php A library for parsing, formatting, storing and validating international phone numbers, a PHP Port of Google's libphonenumber. 5.0k148.7M416](/packages/giggsey-libphonenumber-for-php)[respect/validation The most awesome validation engine ever created for PHP 5.9k37.4M383](/packages/respect-validation)[propaganistas/laravel-phone Adds phone number functionality to Laravel based on Google's libphonenumber API. 3.0k35.7M107](/packages/propaganistas-laravel-phone)[opis/json-schema Json Schema Validator for PHP 64236.9M186](/packages/opis-json-schema)[schuppo/password-strength This package provides a validator for ensuring strong passwords in Laravel 4 applications. 1432.7M1](/packages/schuppo-password-strength) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)