Jump to content

Enforcing strong passwords


ironfist

Recommended Posts

I have a client using prestashop (note I have no prior experience with prestashop).

The client has a very weak admin password, and I am pretty sure the same is true of all her other staff/admins too.

Is there any way to enforce strong passwords and to force all the admins to change their passwords if they are too weak?

 

 

Link to comment
Share on other sites

2 hours ago, juanrojas said:

All passwords are insecure, the most secure at this time is the double authentication factor

This is not true.

Passwrd1234 is an insecure password because it can be easily guessed or hacked by any basic hacking tool which tries common passwords and dictionary attacks.

gK£1lD09Uihngy%55873 is not insecure as it is randomly generated and cannot be guessed and will not be hacked by a brute force or dictionary attack. 

2 factor authentication add a 2nd layer of security by requiring a code from another authentication device, so just a username/password by itself is not enough.

 

Link to comment
Share on other sites

8 hours ago, AddWeb Solution said:

Do you want to show strong password sugesstions during login or change it from admin panel?

read the original question, you are literally telling me to do what I have asked how to do.
This is not helpful.

Link to comment
Share on other sites

Passwords are hashed so you can't really check now that they are strong or not. In PrestaShop 8 there is build in option to validate password for customer and emplyee too, so you can update your store to newest version or you can add code to password input that will validate password strength.

Link to comment
Share on other sites

On 4/18/2023 at 12:28 PM, juanrojas said:

the most secure at this time is the double authentication factor

I know a few people where 2 Factor security was not secure but the form they got hacked.
One part the Security forgets is their own staff.

Edited by Nickz (see edit history)
Link to comment
Share on other sites

59 minutes ago, endriu107 said:

Passwords are hashed so you can't really check now that they are strong or not. In PrestaShop 8 there is build in option to validate password for customer and emplyee too, so you can update your store to newest version or you can add code to password input that will validate password strength.

I have 1.7.8.8 I am not seeing any newer updates available.

 

Link to comment
Share on other sites

 

22 hours ago, ironfist said:

you are literally telling me to do what I have asked how to do

I just asked for clarification and for better understanding. Sorry, If that upsets you.

Anyways, You may use Strong Password Addon  https://addons.prestashop.com/en/website-security-access/20326-strong-e-store-passwords-reset-password-secure-e-shop.html

Edited by AddWeb Solution
removed the image (see edit history)
Link to comment
Share on other sites

Addweb, you didn't ask for clarication, you said "enforce strong passwords", which is what I was asking how to do.

Sorry if that upsets you, but that is what you said.

 

I will take a look at that plugin thanks.

 

 

Link to comment
Share on other sites

6 minutes ago, ironfist said:

you said "enforce strong passwords"

No, Actually I used a quote on those words from your post to be specific.

The question I asked was "Do you want to show strong password sugesstions during login or change it from admin panel?"

Anyways, That's fine. Kindly check the plugin shared in previous post. I hope that would help. Thanks!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...