====== PassPolicy Plugin ======

---- plugin ----
description: Better password security for DokuWiki
author     : Andreas Gohr
email      : andi@splitbrain.org
type       : action, helper
lastupdate : 2025-05-21
compatible : Kaos, Librarian
depends    :
conflicts  :
similar    :
tags       : password

downloadurl: https://github.com/splitbrain/dokuwiki-plugin-passpolicy/zipball/master
bugtracker : https://github.com/splitbrain/dokuwiki-plugin-passpolicy/issues
sourcerepo : https://github.com/splitbrain/dokuwiki-plugin-passpolicy/
donationurl: http://donate.dokuwiki.org/passpolicy
screenshot_img :
----

===== Installation =====

Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.

==== Changes ====

{{rss>https://github.com/splitbrain/dokuwiki-plugin-passpolicy/commits/master.atom date}}

===== Features =====

This plugin integrates multiple features to increase the strength of your users' passwords.

==== Password Policies ====

Password policies are modeled after Microsoft's Active Directory policies. You define a number of character types that //should// be used in a password and how many of them //have// to be used. Users are not allowed to change their password to anything that does not match the configured policy.

You may also specify that the password may not match the user name, or even parts of the user name.

Passwords can also be checked against a list of the 10,000 most commonly used ones.

Passwords can also be checked anonymously against the [[https://haveibeenpwned.com/Passwords|haveibeenpwned passwords API]].

Configuration is done in the Config Manager.

==== Password Generation ====

The plugin replaces DokuWiki's default password generation with a better one using a much stronger random generator. The generator will also take your configured password policy into account and create matching passwords.
You may also specify how strong generated passwords should be by giving the minimum number of bits of information in them. The higher the number, the stronger the password.

The generator supports three types of passwords:

  * completely random passwords
  * pronounceable passwords (as in DokuWiki's default generator)
  * passphrases made up from a big list of English words and words in your wiki

Configuration is done in the Config Manager.

==== Password Strength Indicator ====

The plugin adds a simple password strength indicator to all forms where new passwords can be set by the user or administrator.

==== Account Hint Suppression ====

By default, DokuWiki tries to be user friendly and will tell users when a given account in the password reset mechanism does not exist. This is to avoid frustration where you wait for a mail that will never come because you entered a wrong user name.

Some people consider this a security risk, as it makes it possible to automatically figure out whether certain usernames exist or not. This plugin offers an option to suppress this kind of user-friendly hint.