Hi,
I would like to change the default behavior of Joomla's password reminding mechanism. I would like to be provided with checking of the strength of a password and (optionally) with captcha capabilities. I was wondering if there's a free component for Joomla which I could install and use out-of-the-box.
If you don't mind hacking around in the core code, then you can look in the components\com_user\controller.php file. In the save() function, around line 82, it retrieves the user's password. At that point you could insert whatever code you like to check the password strength:
$passOK = true;
if($post['password'] != $post['password2']) {
$msg = JText::_('PASSWORDS_DO_NOT_MATCH');
$passOK = false;
} else if (strlen($post['password']) < 6 || !preg_match("/[0-9]/", $post['password'])) {
$msg = "The password is too short, or it doesn't contain any numbers.";
$passOK = false;
}
if (!$passOK) {
$return = @$_SERVER['HTTP_REFERER'];
if (empty($return) || !JURI::isInternal($return)) {
$return = JURI::base();
}
$this->setRedirect($return, $msg, 'error');
return false;
}