PHPackages kanellov/password-strength-validator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. kanellov/password-strength-validator ActiveLibrary[Validation & Sanitization](/categories/validation) kanellov/password-strength-validator ==================================== A validator for checking password strength.cocom 1.0.0(8y ago)221.9k↓50%2GNU GPLv3PHPPHP ^5.3 || ^7.0 Since Nov 12Pushed 8y ago2 watchersCompare [ Source](https://github.com/kanellov/password-strength-validator)[ Packagist](https://packagist.org/packages/kanellov/password-strength-validator)[ Docs](https://github.com/kanellov/password-strength-validator)[ RSS](/packages/kanellov-password-strength-validator/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (5)Versions (2)Used By (0) password-strength-validator =========================== [](#password-strength-validator) Validates if a password is strong enough by checking if it contains digits, symbols and letters in different casing. **master****develop**[![Build Status](https://camo.githubusercontent.com/481ef43fad1ddecf55a35d471608b85ebe71154fd82902d64083763f80f54002/68747470733a2f2f7472617669732d63692e6f72672f6b616e656c6c6f762f70617373776f72642d737472656e6774682d76616c696461746f722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/kanellov/password-strength-validator)[![Build Status](https://camo.githubusercontent.com/075b46241b6c49155dfe4b68e412ae44a8a20eeb25294b5f7d4f3646312cce36/68747470733a2f2f7472617669732d63692e6f72672f6b616e656c6c6f762f70617373776f72642d737472656e6774682d76616c696461746f722e7376673f6272616e63683d646576656c6f70)](https://travis-ci.org/kanellov/password-strength-validator)Installation ------------ [](#installation) Install with composer: ``` $ composer require kanellov/password-strength-validator ``` Description ----------- [](#description) This package provides a validator for checking password strength. It can be customized to check for the following: - Password contains at least one digit character - Password contains at least one uppercase character - Password contains at least one lowercase character - Password contains at least one symbol character - Password contains at least either one digit or symbol character Also, when validating for symbols, you can exclude some of them from the validation (See \[Excluding symbol characters\](#Excluding symbol characters)). Usage ----- [](#usage) ### Function [](#function) ``` require 'vendor/autoload.php'; // force password to contain at least one digit and one uppercase char $flags = KNLV_PWD_CONTAIN_DGT | KNLV_PWD_CONTAIN_UC; $password = "somePasswordNotContainingDigits"; $code = 0; $message = ''; $is_valid = true; try { \Knlv\password_strength($password, $flags); } catch(\ErrorException $e) { $is_valid = false; $code = $e->getCode(); $message = $e->getMessage(); } var_dump($is_valid, $code, $message); /* --- RESULTS --- * bool(false) * int(1) * string(50) "Password must contain at least one digit character" */ ``` ### Zend Validator [](#zend-validator) In order to use this library as Zend Validator use must install `zendframework/zend-validator` package. ``` $ composer require zendframework/zend-validator ``` ``` require 'vendor/autoload.php'; use \Knlv\Validator\PasswordStrength; $password = "somePasswordNotContainingDigits"; $validator = new PasswordStrength(array('flags' => KNLV_PWD_CONTAIN_DGT | KNLV_PWD_CONTAIN_UC)); $is_valid = $validator->isValid($password); $messages = $validator->getMessages(); var_dump($is_valid, $messages); /* --- RESULTS --- * bool(false) * array(1) { * [1]=> * string(50) "Password must contain at least one digit character" * } */ ``` ### Excluding symbol characters [](#excluding-symbol-characters) When `\Knlv\password_strength` function is called with `KNLV_PWD_CONTAIN_SYM` or `KNLV_PWD_CONTAIN_DGT_OR_SYM`flags it checks if password contains at least one of the `!"#$&'()*+,-./:;?@[\\]^_`{|}~` symbol characters. If don't want your password to contain some of these symbols, you can exclude them from the check by passing an extra argument with the symbols you want to exclude. For example, the following shows how to exclude the `@` and `!` symbols from validation: ``` require 'vendor/autoload.php'; // force password to contain at least one symbol char $flags = KNLV_PWD_CONTAIN_SYM; $password = "p@ssword!"; $exclude = "@!"; // exclude @ and ! symbols $code = 0; $message = ''; $is_valid = true; try { \Knlv\password_strength($password, $flags, $exclude); } catch(\ErrorException $e) { $is_valid = false; $code = $e->getCode(); $message = $e->getMessage(); } var_dump($is_valid, $code, $message); /* --- RESULTS --- * bool(false) * int(8) * string(51) "Password must contain at least one symbol character" */ // Using validator $password = "p@ssword!"; $validator = new \Knlv\Validator\PasswordStrength(array( 'flags' => KNLV_PWD_CONTAIN_SYM, 'excludedSymbols' => '@!', )); $is_valid = $validator->isValid($password); $messages = $validator->getMessages(); var_dump($is_valid, $messages); /* --- RESULTS --- * bool(false) * array(1) { * [8]=> * string(51) "Password must contain at least one symbol character" * } */ ``` License ------- [](#license) The GNU GENERAL PUBLIC LICENSE Version 3. Please see [License File](LICENSE) for more information. ### Health Score 33 — LowBetter than 75% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity30 Limited adoption so far Community9 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 3109d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/1442736?v=4)[Vassilis Kanellopoulos](/maintainers/kanellov)[@kanellov](https://github.com/kanellov) --- Top Contributors [![kanellov](https://avatars.githubusercontent.com/u/1442736?v=4)](https://github.com/kanellov "kanellov (5 commits)") --- Tags validatorpasswordzendzend-validator ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/kanellov-password-strength-validator/health.svg) ``` [![Health](https://phpackages.com/badges/kanellov-password-strength-validator/health.svg)](https://phpackages.com/packages/kanellov-password-strength-validator) ``` ### Alternatives [respect/validation The most awesome validation engine ever created for PHP 5.9k37.4M383](/packages/respect-validation)[seld/jsonlint JSON Linter 1.3k217.8M205](/packages/seld-jsonlint)[composer/spdx-licenses SPDX licenses list and validation library. 1.4k184.2M25](/packages/composer-spdx-licenses)[opis/json-schema Json Schema Validator for PHP 64736.9M186](/packages/opis-json-schema)[rollerworks/password-strength-validator Password-strength validator for Symfony 1455.7M6](/packages/rollerworks-password-strength-validator)[rollerworks/password-strength-bundle Password-strength validator bundle for Symfony 1433.7M6](/packages/rollerworks-password-strength-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)