PHPackages stymiee/password-helper - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. stymiee/password-helper ActiveLibrary[Security](/categories/security) stymiee/password-helper ======================= A PHP library that makes using best practices with passwords easy by default 3.0.0(11mo ago)511.7k↓11.8%2Apache-2.0PHPPHP >=8.0.0CI passing Since Jun 10Pushed 11mo ago2 watchersCompare [ Source](https://github.com/stymiee/password-helper)[ Packagist](https://packagist.org/packages/stymiee/password-helper)[ Docs](https://github.com/stymiee/ppassword-helper)[ RSS](/packages/stymiee-password-helper/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (3)Dependencies (4)Versions (5)Used By (0) [![Latest Stable Version](https://camo.githubusercontent.com/9d07f67e291eee041630aebde40c85d3027298ba082aa3cbe93bb3b956653af0/68747470733a2f2f706f7365722e707567782e6f72672f7374796d6965652f70617373776f72642d68656c7065722f762f737461626c652e737667)](https://packagist.org/packages/stymiee/password-helper)[![Total Downloads](https://camo.githubusercontent.com/bf338bfc16e54189cde7c904be625ae5983a0914c221f75bff96f8066d9b0b15/68747470733a2f2f706f7365722e707567782e6f72672f7374796d6965652f70617373776f72642d68656c7065722f646f776e6c6f616473)](https://packagist.org/packages/stymiee/password-helper)[![Build](https://github.com/stymiee/password-helper/actions/workflows/php.yml/badge.svg)](https://github.com/stymiee/password-helper/actions/workflows/php.yml/badge.svg)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/2aa8736e4b7f60243c4beddb273a41610c96e42ae6d603bc1ad9495f82e03415/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f7374796d6965652f70617373776f72642d68656c7065722f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/stymiee/password-helper/?branch=master)[![License](https://camo.githubusercontent.com/6bb704e6474e80bc614b21520dd8da08664094e25a8472f90bbfe6961fd66db9/68747470733a2f2f706f7365722e707567782e6f72672f7374796d6965652f70617373776f72642d68656c7065722f6c6963656e7365)](https://packagist.org/packages/stymiee/password-helper) Password Helper (password-helper) ================================= [](#password-helper-password-helper) A PHP library that makes using best practices with passwords easy *by default*. Requirements ------------ [](#requirements) - PHP 8.0+ **Note**: There is a PHP 5 compatible version available (v1.0.0). However, it is no longer maintained and does not contain the improved logic found in v2 and newer. Installation ------------ [](#installation) Simply add a dependency on `stymiee/password-helper` to your project's `composer.json` file if you use [Composer](http://getcomposer.org/) to manage the dependencies of your project. Here is a minimal example of a `composer.json` file that just defines a dependency on Password Helper: ``` { "require": { "stymiee/password-helper": "^3" } } ``` Basic Usage ----------- [](#basic-usage) ### Configuration [](#configuration) To configure your Password Helper to suit your business requirements, you can set your password policy when creating your Password Helper object. There are six factors you can configure be required (or not) and, if required, the minimum criteria for that password characteristic. They are: 1. **minimumLength** - Sets the minimum length a password must be. (Default: 10) 2. **minimumSpecialChars** - Sets the minimum number of special characters required to be in the password (Default: 1) 3. **minimumUppercase** - Sets the minimum number of uppercase letters required to be in the password (Default: 1) 4. **minimumLowercase** - Sets the minimum number of lowercase letters required to be in the password (Default: 1) 5. **minimumLetters** - Sets the minimum number of total alphabetic characters required to be in the password (Default: 1) 6. **minimumDigits** - Sets the minimum number of numbers required to be in the password (Default: 1) If you do not pass any custom policy rules when creating your Password Helper it will default to the values listed above. ``` $passwordHelper = new Password(); ``` is equivalent to: ``` $passwordHelper = new Password([ 'minimumLetters' => 1, 'minimumDigits' => 1, 'minimumLowercase' => 1, 'minimumUppercase' => 1, 'minimumSpecialChars' => 1, 'minimumLength' => 10 ]); ``` To modify a policy you can pass it by name, with its custom value, to the constructor. The code below sets all the rules to require two of each type and sets a minimum password length of twelve characters. ``` $passwordHelper = new Password([ 'minimumLetters' => 2, 'minimumDigits' => 2, 'minimumLowercase' => 2, 'minimumUppercase' => 2, 'minimumSpecialChars' => 2, 'minimumLength' => 12 ]); ``` You only need to pass a custom value when you change its value from the default value. The code below only changes the values for `minimumDigits` and `minimumLength`. ``` $passwordHelper = new Password([ 'minimumDigits' => 2, 'minimumLength' => 12 ]); ``` To remove a requirement give it a value of zero. ``` $passwordHelper = new Password([ 'minimumSpecialChars' => 0 // Special characters are not required ]); ``` ### Generate a new password [](#generate-a-new-password) ``` $password = (\PasswordHelper\new Password())->generate(); // 8TpKC>&nQA ``` ### Validate a password is acceptable under your password policy [](#validate-a-password-is-acceptable-under-your-password-policy) ``` $password = \PasswordHelper\new Password(); echo var_dump($password->validateComplexity('!aa34sDDdfg7dfgdsfg2gg')); echo var_dump($password->validateComplexity('1234')); ``` **Outputs** ``` true false ``` ### Check the strength of a password [](#check-the-strength-of-a-password) ``` $password = \PasswordHelper\new Password(); echo $password->checkStrength('a'); echo $password->checkStrength('qr193'); echo $password->checkStrength('8TpKC>&nQA'); ``` **Outputs** ``` Very Weak Good Very Strong ``` ### Hash a password [](#hash-a-password) ``` $hashedPassword = (\PasswordHelper\new Password())->hash('secret1234'); ``` ### Validate a password [](#validate-a-password) ``` $password = \PasswordHelper\new Password(); if ($password->verify('secret1234', $row['password_hash'])) { // Let them in } else { // Authentication failure } ``` ### Update the hash of a password [](#update-the-hash-of-a-password) ``` $password = \PasswordHelper\new Password(); if ($password->checkForRehash($row['password_hash'])) { $newHash = $password->hash('secret1234'); // ... then save the new hash ... } ``` Support ------- [](#support) If you require assistance using this library, start by viewing the [HELP.md](HELP.md) file included in this package. It includes common problems and their solutions. There is also sample usage in the `/examples/` directory of this project. If you need additional assistance, I can be found at Stack Overflow. Be sure when you [ask a question](http://stackoverflow.com/questions/ask?tags=php,password) pertaining to the usage of this library be sure to tag your question with the **PHP** and **password** tags. Make sure you follow their [guide for asking a good question](http://stackoverflow.com/help/how-to-ask) as poorly asked questions will be closed, and I will not be able to assist you. A good question will include all the following: - A description of the problem (what are you trying to do? what results are you expecting? what results are you actually getting?) - The code you are using (only post the relevant code) - Any error message(s) you are getting **Do not use Stack Overflow to report bugs.** Bugs may be reported [here](https://github.com/stymiee/password-helper/issues/new). ### Health Score 42 — FairBetter than 90% of packages Maintenance51 Moderate activity, may be stable Popularity31 Limited adoption so far Community9 Small or concentrated contributor base Maturity63 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~910 days Total 3 Last Release 347d ago Major Versions 1.0.0 → 2.0.02020-06-10 2.0.0 → 3.0.02025-06-05 PHP version history (3 changes)1.0.0PHP >=5.6.0 2.0.0PHP >=7.2.0 3.0.0PHP >=8.0.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/557176f68c4c5c46271b70775fb6016a48d2ba51074cd2c72155c93b252a762c?d=identicon)[stymiee](/maintainers/stymiee) --- Top Contributors [![stymiee](https://avatars.githubusercontent.com/u/72497?v=4)](https://github.com/stymiee "stymiee (54 commits)") --- Tags phpsecuritypasswords ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/stymiee-password-helper/health.svg) ``` [![Health](https://phpackages.com/badges/stymiee-password-helper/health.svg)](https://phpackages.com/packages/stymiee-password-helper) ``` ### Alternatives [asbiin/laravel-webauthn Laravel Webauthn support 309574.8k](/packages/asbiin-laravel-webauthn)[defuse/php-passgen PHP Random Password Generator Library 4017.7k](/packages/defuse-php-passgen) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)