Hi Gary:

Only affects new passwords entered in mod_user.html. You'll need to add similar javascript.to 'add_user.html'. You can do the same in squirrelmail if you can find the correct place to slug in the javascript. The code analyzes text entered in the input field 'password' and grays out the submit button until the password meets the test criteria. It's pretty basic code and I'm sure javascript experts could do a lot to improve it and give more clues to the users.

Once of the problems with messing with the templates is that there is no table defining the hash mark codes like ##tt ##tu ##X251. If anyone has a cheat sheet please share.


On 4/5/2018 7:42 AM, Gary Bowling wrote:

Thanks Jeff. Just to make sure, if I do that edit it doesn't affect any existing passwords? Only inputting any new passwords or changing any passwords?

Also, I guess a user can still change their password via squirrelmail and bypass these rules? That rarely happens on my server, but just want to make sure I understand.

Thanks, Gary

On 4/4/2018 11:03 PM, Jeff Koch wrote:
You can insert javascript password rules in the html code templates for qmailadmin.

Here's a simple password strength javascript that goes in the top of mod_user.html


function passwordStrength(password)
        var desc = new Array();
        desc[0] = "Very Weak";
        desc[1] = "Weak";
        desc[2] = "Better";
        desc[3] = "Medium";
        desc[4] = "Strong";
        desc[5] = "Strongest";

        var score   = 0;

        //if password bigger than 7 give 1 point
        if (password.length > 7) score++;

        //if password has both lower and uppercase characters give 1 point         if ( ( password.match(/[a-z]/) ) && ( password.match(/[A-Z]/) ) ) score++;

        //if password has at least one number give 1 point
        if (password.match(/\d+/)) score++;

        //if password has at least one special characther give 1 point
        if ( password.match(/.[!,@,#,$,%,^,&,*,?,_,~,-,(,)]/) ) score++;

        //if password bigger than 12 give another 1 point
        if (password.length > 12) score++;

document.getElementById("passwordDescription").innerHTML = desc[score];
         document.getElementById("passwordStrength").className = "strength" + score;

         if (score > 2 ) {
           document.getElementById("btnSubmit").disabled = false;
           document.getElementById("btnSubmit").disabled = true;

         return score;


then further along in the code we have:

                                  <td align="left" class="style1">
                                    <input type="password" name="password2" maxlength=128 size=16>
                        <td align=right><span class="style1">Password strength:</span></td>                         <td align="left"><span class="style1"><div id="passwordDescription">Password not entered</div></td>
                        <td align=right><span class="style1"></span></td>
                        <td align="left"><span class="style1">
                        <div id="passwordStrength" class="strength0"></div>
<tr><td colspan=2 align=left>
<span class="style1">Passwords must be at least eight characters and include three of the following four types: upper case letters, lower case letters, numbers and special characters.</span>

Regards, Jeff

On 4/4/2018 6:51 PM, Gary Bowling wrote:

Last time I checked it was either not possible or not easy to implement password rules one the toaster. But that was a long time ago.

Has anything changed in that regard?

Gary Bowling
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to