PHPackages philiprehberger/php-password-strength - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. philiprehberger/php-password-strength ActiveLibrary[Validation & Sanitization](/categories/validation) philiprehberger/php-password-strength ===================================== Password strength validation with entropy calculation and common password detection v1.0.2(1mo ago)11[1 PRs](https://github.com/philiprehberger/php-password-strength/pulls)MITPHPPHP ^8.2CI passing Since Mar 13Pushed 1mo agoCompare [ Source](https://github.com/philiprehberger/php-password-strength)[ Packagist](https://packagist.org/packages/philiprehberger/php-password-strength)[ Docs](https://github.com/philiprehberger/php-password-strength)[ RSS](/packages/philiprehberger-php-password-strength/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (3)Versions (3)Used By (0) PHP Password Strength ===================== [](#php-password-strength) [![Tests](https://github.com/philiprehberger/php-password-strength/actions/workflows/tests.yml/badge.svg)](https://github.com/philiprehberger/php-password-strength/actions/workflows/tests.yml)[![Latest Version on Packagist](https://camo.githubusercontent.com/dc3eb96a407be57bd68ab0c457281cf82fa578ed7947fc0bb108a6adbcb7626e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f7068696c69707265686265726765722f7068702d70617373776f72642d737472656e6774682e737667)](https://packagist.org/packages/philiprehberger/php-password-strength)[![License](https://camo.githubusercontent.com/b07c1d7e28c3c12368250eb0cbc2426bb7d049bf7cbedddb7d0da84c9c1d424c/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f7068696c69707265686265726765722f7068702d70617373776f72642d737472656e677468)](LICENSE) Password strength validation with entropy calculation and common password detection. Requirements ------------ [](#requirements) - PHP 8.2+ Installation ------------ [](#installation) ``` composer require philiprehberger/php-password-strength ``` Usage ----- [](#usage) ### Checking password strength [](#checking-password-strength) ``` use PhilipRehberger\PasswordStrength\PasswordStrength; $result = PasswordStrength::check('MyP@ssw0rd!2026'); echo $result->score; // 0-4 echo $result->label(); // "very weak", "weak", "fair", "strong", or "very strong" echo $result->entropy; // Shannon entropy in bits echo $result->isCommon; // true if found in common passwords list echo $result->length; // Password length // Improvement suggestions foreach ($result->suggestions as $suggestion) { echo $suggestion; } // Array representation $array = $result->toArray(); ``` ### Quick validation [](#quick-validation) ``` use PhilipRehberger\PasswordStrength\PasswordStrength; // Returns true if score >= 3 (strong) if (PasswordStrength::isStrong('MyP@ssw0rd!2026')) { echo 'Password is strong enough.'; } // Custom minimum score if (PasswordStrength::isStrong('MyP@ssw0rd!2026', minScore: 4)) { echo 'Password is very strong.'; } ``` API --- [](#api) ### `PasswordStrength` [](#passwordstrength) MethodDescription`PasswordStrength::check(string $password): StrengthResult`Analyse a password and return a result`PasswordStrength::isStrong(string $password, int $minScore = 3): bool`Returns `true` if the score meets the minimum### `StrengthResult` [](#strengthresult) Property / MethodTypeDescription`score``int`Strength score from 0 to 4`entropy``float`Shannon entropy in bits`isCommon``bool`Whether the password is in the common list`length``int`Password length in characters`suggestions``array`List of improvement suggestions`label(): string`—Human label: `very weak`, `weak`, `fair`, `strong`, `very strong``toArray(): array`—Serialize to array### Score Meanings [](#score-meanings) ScoreLabelDescription0Very WeakTrivial or common password1WeakLow entropy or very short2FairModerate entropy, room to improve3StrongGood entropy and character variety4Very StrongExcellent entropy and lengthDevelopment ----------- [](#development) ``` composer install vendor/bin/phpunit vendor/bin/pint --test vendor/bin/phpstan analyse ``` License ------- [](#license) MIT ### Health Score 38 — LowBetter than 85% of packages Maintenance89 Actively maintained with recent releases Popularity4 Limited adoption so far Community6 Small or concentrated contributor base Maturity47 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~4 days Total 2 Last Release 56d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/cfd7d24cbbf32400fa13ce0bbe7a31edd2d66a6d4488eafdb3d64c5337bf0435?d=identicon)[philiprehberger](/maintainers/philiprehberger) --- Top Contributors [![philiprehberger](https://avatars.githubusercontent.com/u/8218077?v=4)](https://github.com/philiprehberger "philiprehberger (9 commits)") --- Tags validationsecuritypasswordentropystrength ### Code Quality TestsPHPUnit Static AnalysisPHPStan Code StyleLaravel Pint Type Coverage Yes ### Embed Badge ![Health badge](/badges/philiprehberger-php-password-strength/health.svg) ``` [![Health](https://phpackages.com/badges/philiprehberger-php-password-strength/health.svg)](https://phpackages.com/packages/philiprehberger-php-password-strength) ``` ### Alternatives [karser/karser-recaptcha3-bundle Google ReCAPTCHA v3 for Symfony 1862.4M7](/packages/karser-karser-recaptcha3-bundle)[schuppo/password-strength This package provides a validator for ensuring strong passwords in Laravel 4 applications. 1432.7M1](/packages/schuppo-password-strength)[siriusphp/validation Data validation library. Validate arrays, array objects, domain models etc using a simple API. Easily add your own validators on top of the already dozens built-in validation rules 181743.3k13](/packages/siriusphp-validation)[kartik-v/strength-meter A dynamic strength meter for password input validation with various configurable options. 871.2M4](/packages/kartik-v-strength-meter)[jbafford/password-strength-bundle Provides a password strength validator 28468.6k](/packages/jbafford-password-strength-bundle)[olssonm/l5-zxcvbn Implementation of the zxcvbn project by @dropbox for Laravel. Uses zxcvbn-php by @bjeavons. 28311.1k1](/packages/olssonm-l5-zxcvbn) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)