PHPackages martinssipenko/password-policy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. martinssipenko/password-policy Abandoned → [martinssipenko/password-policy](/?search=martinssipenko%2Fpassword-policy)Library[Security](/categories/security) martinssipenko/password-policy ============================== A tool for managing password policies 1.0.0(11y ago)356.1k↓42.4%MITPHPPHP >=5.3.0 Since Sep 23Pushed 11y agoCompare [ Source](https://github.com/martinssipenko/password-policy)[ Packagist](https://packagist.org/packages/martinssipenko/password-policy)[ Docs](https://github.com/vocjunior/password-policy)[ RSS](/packages/martinssipenko-password-policy/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)DependenciesVersions (2)Used By (0) PasswordPolicy ============== [](#passwordpolicy) A tool for checking and creating password policies in PHP and JS. Installation ------------ [](#installation) Use composer to setup an autoloader ``` php composer.phar install ``` Require the composer autoload file: ``` require_once 'vendor/autoload.php'; ``` Usage: ------ [](#usage) To use, first instantiate the core policy object: ``` $policy = new \PasswordPolicy\Policy; ``` Then, add rules: ``` $policy->contains('lowercase', $policy->atLeast(2)); ``` ### Supported rule helper methods are: [](#supported-rule-helper-methods-are) - `contains($class, $constraint = null, $description = '')`: Checks to see if a password contains a class of chars Supported Short-Cut classes: - `letter` - `a-zA-Z` - `lowercase` - `a-z` - `uppercase` - `A-Z` - `digit` - `0-9` - `symbol` - `^a-zA-Z0-9` (in other words, non-alpha-numeric) - `null` - `\0` - `alnum` - `a-zA-Z0-9` The second param is a constraint (optional) - `length($constraint)`: Checks the length of the password matches a constraint - `endsWith($class, $description = '')`: Checks to see if the password ends with a character class. - `startsWith($class, $description = '')`: Checks to see if the password starts with a character class. - `notMatch($regex, $description)`: Checks if the password does not match a regex. - `match($regex, $description)`: Checks if the password matches the regex. ### Supported Constraints: [](#supported-constraints) The policy also has short-cut helpers for creating constraints: - `atLeast($n)`: At least the param matches Equivilant to `between($n, PHP_INT_MAX)` - `atMost($n)`: At most the param matches Equivilant to `between(0, $n)` - `between($min, $max)`: Between $min and $max number of matches - `never()`: No matches Equivilant to `between(0, 0)` Testing the policy ------------------ [](#testing-the-policy) Once you setup the policy, you can then test it in PHP using the `test($password)` method. ``` $result = $policy->test($password); ``` The result return is a stdclass object with two members, result and messages. - `$result->result` - A boolean if the password is valid. - `$result->messages` - An array of messages Each message is an object of two members: - `$message->result` - A boolean indicating if the rule passed - `$message->message` - A textual description of the rule Using JavaScript ---------------- [](#using-javascript) Once you've built the policy, you can call `toJavaScript()` to generate a JS anonymous function for injecting into JS code. ``` $js = $policy->toJavaScript(); echo "var policy = $js;"; ``` Then, the policy object in JS is basically a wrapper for `$policy->test($password)`, and behaves the same (same return values). ``` var result = policy(password); if (!result.result) { /* Process Messages To Display Failure To User */ } ``` One note for the JavaScript, any regular expressions that you write need to be deliminated by `/` and be valid JS regexes (no PREG specific functionality is allowed). ### Health Score 34 — LowBetter than 77% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity32 Limited adoption so far Community10 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 50% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 4255d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/0fbc62909d7c404c0ac2d74357091abf36fe1677210581bb1dd8c5b7e5959bf4?d=identicon)[martinssipenko](/maintainers/martinssipenko) --- Top Contributors [![ircmaxell](https://avatars.githubusercontent.com/u/660654?v=4)](https://github.com/ircmaxell "ircmaxell (4 commits)")[![martinssipenko](https://avatars.githubusercontent.com/u/598744?v=4)](https://github.com/martinssipenko "martinssipenko (2 commits)")[![radmen](https://avatars.githubusercontent.com/u/1190255?v=4)](https://github.com/radmen "radmen (1 commits)")[![vocjunior](https://avatars.githubusercontent.com/u/8618094?v=4)](https://github.com/vocjunior "vocjunior (1 commits)") --- Tags passwordPolicy ### Embed Badge ![Health badge](/badges/martinssipenko-password-policy/health.svg) ``` [![Health](https://phpackages.com/badges/martinssipenko-password-policy/health.svg)](https://phpackages.com/packages/martinssipenko-password-policy) ``` ### Alternatives [ircmaxell/password-compat A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password\_hash 2.1k56.8M122](/packages/ircmaxell-password-compat)[symfony/password-hasher Provides password hashing utilities 814137.2M91](/packages/symfony-password-hasher)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 87117.5M63](/packages/bjeavons-zxcvbn-php)[rych/phpass PHP Password Library: Easy, secure password management for PHP 248801.7k4](/packages/rych-phpass)[mikemclin/laravel-wp-password Laravel package that checks and creates WordPress password hashes 863.4M2](/packages/mikemclin-laravel-wp-password)[bordoni/phpass Portable PHP password hashing framework 244.4M26](/packages/bordoni-phpass) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)