Password Validator

Administration tool ::: tool_passwordvalidator
Maintained by Catalyst IT, Peter Burnett, Brendan Heywood
A tool for enforcing various security standards and guidelines for passwords for Moodle. This plugin aims for compliance with the Australian Information Security Manual (currently May 2019), and above that, the NIST standards from the document 800-63B. Many of the controls are optional and user configurable, with the most safe values set by default, but allow for great customization for any configuration, while enforcing safe, sensible guidelines for passwords. This password checks also include securely testing for potentially compromised passwords using: https://haveibeenpwned.com/
Latest release:
16 sites
4 downloads
7 fans
Current versions available: 1

A tool for enforcing various security standards and guidelines for passwords for Moodle. This plugin aims for compliance with
the Australian Information Security Manual (currently May 2019), and above that, the NIST standards from the document 800-63B. Many of the controls are optional and user configurable, with the most safe values set by default, but allow for great customization for any configuration, while enforcing safe, sensible guidelines for passwords.

Enabling this control checks the hash of the password against the HaveIBeenPwned breached passwords API, and disallows passwords that have been found in any of the catalogued breaches. The API only receives a partial hash so even if haveibeenpwned was compromised your good password hashes haven't been leaked.

https://haveibeenpwned.com/

For Support or Issues, please visit the GitHub repository at:

https://github.com/catalyst/moodle-tool_passwordvalidator

Screenshots

Screenshot #0
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5
Screenshot #6
Screenshot #7

Contributors

Catalyst IT (Lead maintainer)
Peter Burnett: Developer
Brendan Heywood: Solutions Architect
Please login to view contributors details and/or to contact them

Comments RSS

Birta athugasemdir
Please login to post comments