PHPackages sphdd/password\_policy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. sphdd/password\_policy ActiveDrupal-module[Authentication & Authorization](/categories/authentication) sphdd/password\_policy ====================== Password Policy management for Drupal 8. 1260PHP Since Apr 6Pushed 8y ago2 watchersCompare [ Source](https://github.com/SPHDD/password_policy)[ Packagist](https://packagist.org/packages/sphdd/password_policy)[ RSS](/packages/sphdd-password-policy/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependenciesVersions (1)Used By (0) password\_policy ================ [](#password_policy) This is a Drupal 8 module for the Password Policy module. This is comprised of constraints and policies. Constraints are different ways that you can restrict a password. A policy is an instance of a constraint that define specific parameters for the constraint. Policies are applied through Drupal's role-based permissions system. Password Policy comes bundled with a password expiration feature. Policies define a time-based expiration logic (based on days) and administrators have the ability to manually expire all passwords by role. **Enable** - Download and enable the module **Plugins** All plugins are installed as separate modules. The only policies that are out of the box is the Password Reset feature. - Password Expiration (time-based or manually forced, built in feature of Password Policy) - Password Length (submodule of Password Policy) - Zxcvbn ([https://github.com/nerdstein/password\_policy\_zxcvbn](https://github.com/nerdstein/password_policy_zxcvbn)) **Configure** - Enable all plugin modules - Go to Password Policy's configuration page (/admin/config/security/password/settings) - Add policies by clicking on the tab for each plugin - Go to the permissions page (/admin/people/permissions) - Select which roles the policies applies to **Architecture** - Password policy provides a plugin manager that defines an interface for constraints and the constraint's policies - Policies are implemented as permissions and enforced on the user form - Password expiration implements an event subscriber and forces a user to his/her user form upon expiration - Password time-based expiration leverages cron for tagging accounts as expired ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity13 Limited adoption so far Community14 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 59.1% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/c48ffe478fe57a88caa4f85af005420e435730a6985fbd7ba8e842181cd62cf4?d=identicon)[ProFire](/maintainers/ProFire) --- Top Contributors [![adam-bergstein](https://avatars.githubusercontent.com/u/57235053?v=4)](https://github.com/adam-bergstein "adam-bergstein (91 commits)")[![nerdstein](https://avatars.githubusercontent.com/u/966547?v=4)](https://github.com/nerdstein "nerdstein (40 commits)")[![ProFire](https://avatars.githubusercontent.com/u/277493?v=4)](https://github.com/ProFire "ProFire (8 commits)")[![EclipseGc](https://avatars.githubusercontent.com/u/105393?v=4)](https://github.com/EclipseGc "EclipseGc (7 commits)")[![lahoosascoots](https://avatars.githubusercontent.com/u/3409685?v=4)](https://github.com/lahoosascoots "lahoosascoots (5 commits)")[![damontgomery](https://avatars.githubusercontent.com/u/397902?v=4)](https://github.com/damontgomery "damontgomery (2 commits)")[![Craigmoore](https://avatars.githubusercontent.com/u/267766?v=4)](https://github.com/Craigmoore "Craigmoore (1 commits)") ### Embed Badge ![Health badge](/badges/sphdd-password-policy/health.svg) ``` [![Health](https://phpackages.com/badges/sphdd-password-policy/health.svg)](https://phpackages.com/packages/sphdd-password-policy) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)