The Levels Are Not Explained

  • I am using the lastest versions of WordPress and Woocommerce. I don’t know if the plugin is working or not. There is no explanation of what levels 2-5 mean. Is level 4 (default) the same as Woocommerce (12 characters, etc.) and what are the requirements for level 3 (weak). Having it set to level 4 I still have to use the Woocommerce 12 characters, etc. It does not look like it is working.

Viewing 1 replies (of 1 total)
  • Plugin Author Danny Santoro

    (@danielsantoro)

    Automattic Happiness Engineer

    Hi there,

    You can test if the plugin is working by setting the required strength to Level 2, for example. Try to make a password aaa – it will be rejected. Set it to Level 1 where anything is accepted and it will go through. If you try weaker passwords at lower levels they’ll be accepted, while upping the strength requirement will reject them – it’s just a matter of trying it out to see it in action.

    For some background information, the password strength is determined by an open-source password strength estimator developed by Dropbox called zxcvbn, which you can see at the linked GitHub repository. It’s the same one used by WordPress core, and it’s not quite as easy to define each individual level or what requirements are needed for it because there aren’t really set requirements per level.

    Instead of just requiring a special character or a capital letter, it looks at the entire password for security, because password and PassW0Rd! are in actuality not that far apart security wise.

    Hopefully this helps clarify how it works – enjoy!

    • This reply was modified 7 years, 7 months ago by Danny Santoro. Reason: Added some formatting for easier reading
Viewing 1 replies (of 1 total)
  • The topic ‘The Levels Are Not Explained’ is closed to new replies.