Password Control Plugin
- Last Updated on Wednesday, 28 August 2013 09:31
- Published on Saturday, 24 September 2011 18:44
The Password Control System Plug-in is the first step in what is intended to be a comprehensive control system for Joomla passwords.
This extension is intended to introduce some security into the users access into Joomla. Currently as released Joomla has only a simple user name and password mechanism but there is no checking of the password itself once it is defined and it could easily be the same as the user name.
This release adds the long awaited checks upon users password in terms of the password specification criteria. It also incorporates an optional Password Generator that uses the site specified password criteria to derive a suitable password which the user can then select and which will be automatically entered into the password fields upon the form, without the need for the user to perform a 'cut and paste' action.
There is one fix incorporated in this release which addresses the usage of the users 'old' passwords stored in the control table when the PHP supplied routine is used. The database supplied routine is unaffected.
This release adds a few enhancements such as the ability to specify exemption groups and the change to specify the exempt users from a select list rather than providing the user ids specifically. The release reworks the 'single change' option to be more robust and also adds a PHP routine to update the control table for those users who cannot use the supplied database routine due to difficulties with thier hosting providers. The password checks are now performed in the onBeforeUserStore method so that the #__users tables is not undated if the password checking fails. There is also integration with Akeeba System Restore Points.
This release corrects a few minor problems and allows the specification of the redirection link. If also changes the database based password checking routine to be 'deterministic' which resolves a problem of the password checks failing if the underlying database binary logging is not set to 'row' or 'mixed' format.
This was never publicly released. It was a special one off release for a client running Joomla 1.5 and as such was specific to that version of Joomla.
This release corrects an error when displaying information about encountered database errors. It also changes the changelog display to use a modal window.
This release introduces Joomla 3.0 compatibility as well as correcting an unrequired 'feature' (resulting in a forced password change request when an administrator edits a users profile) and meeting 'Strict' PHP coding standards, thus removing warning messages displayed when the site reporting is set to 'development'. The documentation remains unchanged as no new functionality as been introduced other than the presence of a changelog in the description of the plugin.
This release was intended to mainly be a stabilisation release. There are however a few new features included. The main addition is to incorporate Joomla update functionality and an installation script. There is an enhancement to permit unlimited (well up to 999) previous passwords for a user, each of which is checked to prevent reuse. There is also the ability to not check the previous password at all if that is the sites policy. A minor addition is to allow integration with the Password Control component which is currently under development, and a few minor fixes required to resolve problems encountered with the 0.0.3 release.
Password Control User Profile Plug-in
The Password Control User Profile Plug-in is an optional piece of functionality that may be installed to provide the user will details of their most recent password change and the next scheduled forced change. It also provides the site administrator with similar visibility and and allows the next password change date to be set for an individual user. Certain restrictions apply. More details can be found in the Password Control documentation (see above).
This minor update changes the changelog display to use a modal window.
This release supports Joomla 3.x as well as meeting 'Strict' PHP coding standards, thus removing warning messages displayed when the site reporting is set to 'development'.
These plug-ins will become part of the Password Control Component (currently under development), but are intended to be retained as separate stand alone plug-ins for those who do not require additional functionality.
Recently Closed Issues
Close date: 2014-02-13 17:28:26
Close date: 2014-02-12 16:53:09
Close date: 2014-01-30 16:30:03
Close date: 2014-01-30 16:05:00
Close date: 2014-01-28 09:41:16
Quote(s) of the Day
All truths are easy to understand once they are discovered; the point is to discover them.
Try not to become a man of success but rather to become a man of value.
Never give in--never, never, never, never, in nothing great or small, large or petty, never give in except to convictions of honour and good sense. Never yield to force; never yield to the apparently overwhelming might of the enemy.