You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Free Xon - Password Tools 3.12.2
No permission to download
- Author XenBD
- Creation date
- Fix internal server error when registering an account without an email address (requires 3rd party addon to trigger)
- Fix server error when a password is very long
- Add "Force two-step verification" permission
- If enabled for a user, prevents email 2fa from being disabled
- For new installs add a "User has compromised password" user-group, and update the "User-group for compromised passwords" option to use it
- Align defaults with NIST Password Guidelines for 2024
- Update "New password validation rules" defaults. "Prevent passwords which contain the user's email or username, and the site's domain/name" defaults to true
- Update "Minimum password length" default to 15
- Require standardLib v1.20.0+
- Restore XF2.1 support, note front-end Zxcvbn requires XF2.2+
- Support XF2.3+
- php 8.4+ compatibility
- Add "Force password reset on compromised password" option
- This option is likely overkill for most sites, and is not generally recommended
- Fix changing user entity while a write is pending in some cases
- Add "Use rejected password fragments in password meter" option (default disabled).
Take rejected password fragments into consideration when showing the password strength meter to the user.
Security note: this makes the full list of rejected password fragments visible to end users; ensure that there aren't any sensitive password fragments before enabling.