Enforcing strong passwords

[ironfist]

I have a client using prestashop (note I have no prior experience with prestashop).

The client has a very weak admin password, and I am pretty sure the same is true of all her other staff/admins too.

Is there any way to enforce strong passwords and to force all the admins to change their passwords if they are too weak?

 

 

[juanrojas]

All passwords are insecure, the most secure at this time is the double authentication factor

[ironfist]

2 hours ago, juanrojas said:

All passwords are insecure, the most secure at this time is the double authentication factor

This is not true.

Passwrd1234 is an insecure password because it can be easily guessed or hacked by any basic hacking tool which tries common passwords and dictionary attacks.

gK£1lD09Uihngy%55873 is not insecure as it is randomly generated and cannot be guessed and will not be hacked by a brute force or dictionary attack. 

2 factor authentication add a 2nd layer of security by requiring a code from another authentication device, so just a username/password by itself is not enough.

 

[AddWeb Solution]

15 hours ago, ironfist said:

enforce strong passwords

Do you want to show strong password sugesstions during login or change it from admin panel?

[ironfist]

8 hours ago, AddWeb Solution said:

Do you want to show strong password sugesstions during login or change it from admin panel?

read the original question, you are literally telling me to do what I have asked how to do.
This is not helpful.

[endriu107]

Passwords are hashed so you can't really check now that they are strong or not. In PrestaShop 8 there is build in option to validate password for customer and emplyee too, so you can update your store to newest version or you can add code to password input that will validate password strength.

[Nickz]

On 4/18/2023 at 12:28 PM, juanrojas said:

the most secure at this time is the double authentication factor

I know a few people where 2 Factor security was not secure but the form they got hacked.
One part the Security forgets is their own staff.

Edited April 19, 2023 by Nickz (see edit history)

[ironfist]

59 minutes ago, endriu107 said:

Passwords are hashed so you can't really check now that they are strong or not. In PrestaShop 8 there is build in option to validate password for customer and emplyee too, so you can update your store to newest version or you can add code to password input that will validate password strength.

I have 1.7.8.8 I am not seeing any newer updates available.

 

[AddWeb Solution]

 

22 hours ago, ironfist said:

you are literally telling me to do what I have asked how to do

I just asked for clarification and for better understanding. Sorry, If that upsets you.

Anyways, You may use Strong Password Addon :  https://addons.prestashop.com/en/website-security-access/20326-strong-e-store-passwords-reset-password-secure-e-shop.html

Edited April 20, 2023 by AddWeb Solution
removed the image (see edit history)

[ironfist]

Addweb, you didn't ask for clarication, you said "enforce strong passwords", which is what I was asking how to do.

Sorry if that upsets you, but that is what you said.

 

I will take a look at that plugin thanks.

 

 

[AddWeb Solution]

6 minutes ago, ironfist said:

you said "enforce strong passwords"

No, Actually I used a quote on those words from your post to be specific.

The question I asked was "Do you want to show strong password sugesstions during login or change it from admin panel?"

Anyways, That's fine. Kindly check the plugin shared in previous post. I hope that would help. Thanks!