Admin tools: Password Validator

tool_passwordvalidator
Maintained by Picture of Catalyst ITCatalyst IT, Picture of Peter BurnettPeter Burnett, Picture of Brendan HeywoodBrendan Heywood
A tool for enforcing various security standards and guidelines for passwords for Moodle. This plugin aims for compliance with the Australian Information Security Manual (currently May 2019), and above that, the NIST standards from the document 800-63B. Many of the controls are optional and user configurable, with the most safe values set by default, but allow for great customization for any configuration, while enforcing safe, sensible guidelines for passwords. This password checks also include securely testing for potentially compromised passwords using: https://haveibeenpwned.com/
10 sites
15 downloads
5 fans
Current versions available: 1

A tool for enforcing various security standards and guidelines for passwords for Moodle. This plugin aims for compliance with
the Australian Information Security Manual (currently May 2019), and above that, the NIST standards from the document 800-63B. Many of the controls are optional and user configurable, with the most safe values set by default, but allow for great customization for any configuration, while enforcing safe, sensible guidelines for passwords.

Enabling this control checks the hash of the password against the HaveIBeenPwned breached passwords API, and disallows passwords that have been found in any of the catalogued breaches. The API only receives a partial hash so even if haveibeenpwned was compromised your good password hashes haven't been leaked.

https://haveibeenpwned.com/

For Support or Issues, please visit the GitHub repository at:

https://github.com/catalyst/moodle-tool_passwordvalidator

Screenshots

Screenshot #0
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5
Screenshot #6
Screenshot #7

Contributors

Picture of Catalyst IT
Catalyst IT (Lead maintainer)
Picture of Peter Burnett
Peter Burnett: Developer
Picture of Brendan Heywood
Brendan Heywood: Solutions Architect
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
Please login to post comments