PHPackages vendic/magento2-admin-password-policy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. vendic/magento2-admin-password-policy ActiveMagento2-module[Security](/categories/security) vendic/magento2-admin-password-policy ===================================== Implementation of policy for admin passwords. 1.0.7(5mo ago)03581MITPHPPHP ~8.2.0||~8.3.0||~8.4.0CI failing Since Feb 26Pushed 5mo ago1 watchersCompare [ Source](https://github.com/Vendic/magento2-admin-password-policy)[ Packagist](https://packagist.org/packages/vendic/magento2-admin-password-policy)[ RSS](/packages/vendic-magento2-admin-password-policy/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (8)Dependencies (2)Versions (15)Used By (0) Vendic\_AdminPasswordPolicy =========================== [](#vendic_adminpasswordpolicy) This module adds additional rules for admin passwords. It ensures that the following criteria are met for admin passwords: - Password does not contain first name, last name, username or email of the user. - Password does not contain 'guest', 'admin', or 'password'. - Password has at least one lowercase letter. - Password has at least one uppercase letter. - Password has at least one special character. Additional rules can be added through `di.xml` to the `rules` constructor parameter of the following class: `Vendic\AdminPasswordPolicy\Plugin\ValidatePassword`Additional forbidden words can be added through `di.xml` to the `forbiddenWords` constructor parameter of the following class: `Vendic\AdminPasswordPolicy\Rules\DoesNotContain` Users who have not logged in the past 90 days will automatically be set on inactive by a cron job that runs every midnight. It is possible to exclude users from being marked as inactive via configuration. Installation ------------ [](#installation) ``` composer require vendic/magento2-admin-password-policy ``` Configuration ------------- [](#configuration) None at this moment. Feel free to create a pull request if you need specific settings. Check the [issues](https://github.com/Vendic/magento2-admin-password-policy/issues) for tickets that need help. Compatibility ------------- [](#compatibility) - Magento 2 or [Mage-OS](https://mage-os.org/) ^2.4.4 License ------- [](#license) [MIT](https://github.com/Vendic/magento2-admin-password-policy/blob/main/LICENSE) Authors ------- [](#authors) - [Zaahed Yaqubi](https://vendic.nl/) ### Health Score 46 — FairBetter than 93% of packages Maintenance77 Regular maintenance activity Popularity17 Limited adoption so far Community13 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor1 Top contributor holds 55.6% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~92 days Recently: every ~161 days Total 8 Last Release 157d ago PHP version history (3 changes)1.0.0PHP ~8.2.0 1.0.5PHP ~8.2.0||~8.3.0 1.0.7PHP ~8.2.0||~8.3.0||~8.4.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/459ec352617fd5a9f46070338b99ed03828fc902eb0a361aed717576e67bd2c4?d=identicon)[TjitseE](/maintainers/TjitseE) --- Top Contributors [![andrei-lisovski](https://avatars.githubusercontent.com/u/158823392?v=4)](https://github.com/andrei-lisovski "andrei-lisovski (10 commits)")[![Zaahed](https://avatars.githubusercontent.com/u/39271781?v=4)](https://github.com/Zaahed "Zaahed (4 commits)")[![OlgaVendic](https://avatars.githubusercontent.com/u/174311660?v=4)](https://github.com/OlgaVendic "OlgaVendic (2 commits)")[![Tjitse-E](https://avatars.githubusercontent.com/u/14849044?v=4)](https://github.com/Tjitse-E "Tjitse-E (2 commits)") ### Embed Badge ![Health badge](/badges/vendic-magento2-admin-password-policy/health.svg) ``` [![Health](https://phpackages.com/badges/vendic-magento2-admin-password-policy/health.svg)](https://phpackages.com/packages/vendic-magento2-admin-password-policy) ``` ### Alternatives [veriteworks/cookiefix Magento2 extension for Cookie SameSite attribute. 65455.3k1](/packages/veriteworks-cookiefix)[dotdigital/dotdigital-magento2-extension Dotdigital for Magento 2 50374.2k18](/packages/dotdigital-dotdigital-magento2-extension)[imi/magento2-friendly-captcha Friendly Captcha integration for Magento2 18116.2k](/packages/imi-magento2-friendly-captcha)[basecom/magento2-csp-split-header Magento 2 module to split oversized CSP headers into multiple headers. 5256.6k](/packages/basecom-magento2-csp-split-header)[pixelopen/magento-cloudflare-turnstile Protect your store from spam messages and spam user accounts with Cloudflare Turnstile 5325.4k1](/packages/pixelopen-magento-cloudflare-turnstile)[yireo/magento2-csp-whitelist-inline-js Magento module to automatically add inline JS script to CSP whitelist 2974.7k](/packages/yireo-magento2-csp-whitelist-inline-js) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)