PHPackages gon-zoo82/password-strength-validator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. gon-zoo82/password-strength-validator ActiveLibrary[Validation & Sanitization](/categories/validation) gon-zoo82/password-strength-validator ===================================== Password strength validator for Symfony framework. Based on Dropbox's zxcvbn project. 01.9kPHP Since Oct 5Pushed 8y ago1 watchersCompare [ Source](https://github.com/GonZOO82/password-strength-validator)[ Packagist](https://packagist.org/packages/gon-zoo82/password-strength-validator)[ RSS](/packages/gon-zoo82-password-strength-validator/feed)WikiDiscussions master Synced today READMEChangelogDependenciesVersions (1)Used By (0) Password strength validator =========================== [](#password-strength-validator) Password strength constraint for Symfony validator component. Based on the [zxcvbn project](https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/)from Dropbox and @lowe, this is using [zxcvbn-php](https://github.com/bjeavons/zxcvbn-php)under the hood for password strength estimation. > zxcvbn attempts to give sound password advice through pattern matching and conservative entropy calculations. It finds 10k common passwords, common American names and surnames, common English words, and common patterns like dates, repeats (aaa), sequences (abcd), and QWERTY patterns. Installation ------------ [](#installation) The library can be installed with [Composer](http://getcomposer.org) by adding it as a dependency to your composer.json file. ``` $ composer require "mdarse/password-strength-validator" ``` Usage ----- [](#usage) ``` use Darse\PasswordStrengthValidator\Constraint\PasswordStrength; class User { /** * @PasswordStrength(min_score=3, message="Custom message for weak password error") */ private $password; } ``` You may simply use the simpler `@PasswordStrength(3)` form for a minimum password score of `3`, if you don't need a custom message. More information on validation with Symfony validator can be found in [the documentation](http://symfony.com/doc/current/book/validation.html). Score ----- [](#score) The score is an integer from 0-4 (you can mentally represent it as a strength bar) - `0` too guessable: risky password. (guesses < 10^3) - `1` very guessable: protection from throttled online attacks. (guesses < 10^6) - `2` somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) - `3` safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10) - `4` very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10) License ------- [](#license) This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at . See the [complete license](LICENSE). ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity15 Limited adoption so far Community7 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://avatars.githubusercontent.com/u/9081072?v=4)[Juhász Gábor](/maintainers/GonZOO82)[@GonZOO82](https://github.com/GonZOO82) --- Top Contributors [![GonZOO82](https://avatars.githubusercontent.com/u/9081072?v=4)](https://github.com/GonZOO82 "GonZOO82 (1 commits)") ### Embed Badge ![Health badge](/badges/gon-zoo82-password-strength-validator/health.svg) ``` [![Health](https://phpackages.com/badges/gon-zoo82-password-strength-validator/health.svg)](https://phpackages.com/packages/gon-zoo82-password-strength-validator) ``` ### Alternatives [webmozart/assert Assertions to validate method input/output with nice error messages. 7.6k894.0M1.2k](/packages/webmozart-assert)[bensampo/laravel-enum Simple, extensible and powerful enumeration implementation for Laravel. 2.0k15.9M104](/packages/bensampo-laravel-enum)[swaggest/json-schema High definition PHP structures with JSON-schema based validation 48612.5M73](/packages/swaggest-json-schema)[stevebauman/purify An HTML Purifier / Sanitizer for Laravel 5325.6M19](/packages/stevebauman-purify)[ashallendesign/laravel-config-validator A package for validating your Laravel app's config. 217905.3k5](/packages/ashallendesign-laravel-config-validator)[crazybooot/base64-validation Laravel validators for base64 encoded files 1341.9M8](/packages/crazybooot-base64-validation) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)