A framework agnostic password checker for PHP.
$ composer require acurrieclark/php-password-verifier
// include autoloader if you haven't already
include_once('vendor/autoload.php');
use acurrieclark\PhpPasswordVerifier\Verifier;
// create an instance
$passwordVerifier = new Verifier();
// default options are permissive, so each constraint needs to be set as required
$passwordVerifier->setMinLength(8);
// constraints can also be chained
$passwordVerifier->setMaxLength(128)->setCheckContainsNumbers(true);
// check the password meets the requirements set (min length 8, max length 128, contains numbers)
$validPassword = $passwordVerifier->checkPassword("passwordToCheck");
Set the minimum required length of the password
Set the maximum allowed length of the password
Set the flag to check that the password contains at least one letter
Set the flag to check that the password contains at least one capital letter
Set the flag to check that the password contains at least one number
Set the flag to check that the password contains at least one number
Set the flag to check that the password contains at least one special character from {}()[]#,:;^.?!|&_`~@$%/\\=+-*"'
Set the flag to check if the password matches one of the 10000 most popular passwords from https://github.com/danielmiessler/SecLists
Verify the password based on the constraints imposed. Returns boolean.
Returns an array of errors relating to the verified password
Static: Returns an array of the special characters used to check against when setCheckContainsSpecialChrs(true)
has been set. Handy if you want to warn your users which characters they need to include.
The MIT License (MIT). Please see the License File for more information.