NAME

Krang::PasswordHandler - implement a system wide password policy


SYNOPSIS

  if( pkg('PasswordHandler')->check_pw(
        $pw, 
        $user->login,
        $user->email,
        $user->first_name,
        $user->last_name,
    ) ) {
    # it's good to go
  } else {
    # tell the user to pick something else
  }


DESCRIPTION

This module implements the password policy for Krang. Anywhere a password is created or changed, it will need to pass this module's validation first.

It is quite likely that individual organizations will need to implement their own password policy, which makes this an ideal class to override in an addon.


INTERFACE

check_pw

This method receives the password and returns true if it passes all checks, false otherwise. It is possible for this module to also call add_alert() to indicate how the password fails the checks.

It receives the following ordered arguments

If you are implementing your own password policy, it might be necessary to check the password against this other information too.

Currently, the following validation rules are applied: