Password Strength Check Function

Description PHP

This function returns an array based on the password passed to it. It can determine if the password matches the optionally supplied $username.

Usage:
  $strength = checkPasswordStrength('rover','user531');

Then use the values in the returned array to do stuff from there.

The Code Download

  1. <?php
  2. function checkPasswordStrength($password, $username = false) {
  3.         $returns = array(
  4.             'strength' => 0,
  5.             'error'    => 0,
  6.             'text'     => ''
  7.         );
  8.  
  9.         $length = strlen($password);
  10.  
  11.         if ($length < 8) {
  12.             $returns['error']    = 1;
  13.             $returns['text']     = 'The password is not long enough';
  14.         } else {
  15.  
  16.             //check for a couple of bad passwords:
  17.             if ($username && strtolower($password) == strtolower($username)) {
  18.                 $returns['error']    = 4;
  19.                 $returns['text']     = 'Password cannot be the same as your Username';
  20.             } elseif (strtolower($password) == 'password') {
  21.                 $returns['error']    = 3;
  22.                 $returns['text']     = 'Password is too common';
  23.             } else {
  24.  
  25.                 preg_match_all ("/(.)\1{2}/", $password, $matches);
  26.                 $consecutives = count($matches[0]);
  27.  
  28.                 preg_match_all ("/\d/i", $password, $matches);
  29.                 $numbers = count($matches[0]);
  30.  
  31.                 preg_match_all ("/[A-Z]/", $password, $matches);
  32.                 $uppers = count($matches[0]);
  33.  
  34.                 preg_match_all ("/[^A-z0-9]/", $password, $matches);
  35.                 $others = count($matches[0]);
  36.  
  37.                 //see if there are 3 consecutive chars (or more) and fail!
  38.                 if ($consecutives > 0) {
  39.                     $returns['error']    = 2;
  40.                     $returns['text']     = 'Too many consecutive characters';
  41.  
  42.                 } elseif ($others > 1 || ($uppers > 1 && $numbers > 1)) {
  43.                     //bulletproof
  44.                     $returns['strength'] = 5;
  45.                     $returns['text']     = 'Virtually Bulletproof';
  46.  
  47.                 } elseif (($uppers > 0 && $numbers > 0) || $length > 14) {
  48.                     //very strong
  49.                     $returns['strength'] = 4;
  50.                     $returns['text']     = 'Very Strong';
  51.  
  52.                 } else if ($uppers > 0 || $numbers > 2 || $length > 9) {
  53.                     //strong
  54.                     $returns['strength'] = 3;
  55.                     $returns['text']     = 'Strong';
  56.  
  57.                 } else if ($numbers > 1) {
  58.                     //fair
  59.                     $returns['strength'] = 2;
  60.                     $returns['text']     = 'Fair';
  61.  
  62.                 } else {
  63.                     //weak
  64.                     $returns['strength'] = 1;
  65.                     $returns['text']     = 'Weak';
  66.                 }
  67.             }
  68.         }
  69.         return $returns;
  70.     }
  71. ?>

Credits

Added by JC on 19th December 2007

Comments

There are no comments about this snippet.

Post Comment Github Markdown Supported

You must be logged in to post a comment.

Login here to post a comment