Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Feature Requests
  3. Built-in password audit?

Built-in password audit?

Scheduled Pinned Locked Moved Feature Requests
feature-requestpasswordsecurity
7 Posts 4 Posters 1.2k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • yusfY Offline
      yusfY Offline
      yusf
      wrote on last edited by girish
      #1

      Wouldn't it be nice to have Cloudron audit user password for known leaked ones via haveibeenpwned.com or similar? As admins we need to protect users from themselves if they're using bad passwords.

      jdaviescoatesJ 1 Reply Last reply
      3
      • yusfY yusf

        Wouldn't it be nice to have Cloudron audit user password for known leaked ones via haveibeenpwned.com or similar? As admins we need to protect users from themselves if they're using bad passwords.

        jdaviescoatesJ Offline
        jdaviescoatesJ Offline
        jdaviescoates
        wrote on last edited by
        #2

        @yusf yes, I'd like to be able to force users to use strong passwords too (like I can in WordPress)

        I use Cloudron with Gandi & Hetzner

        yusfY 1 Reply Last reply
        0
        • jdaviescoatesJ jdaviescoates

          @yusf yes, I'd like to be able to force users to use strong passwords too (like I can in WordPress)

          yusfY Offline
          yusfY Offline
          yusf
          wrote on last edited by
          #3

          @jdaviescoates That would be another great password-enhancing feature for sure. At this point I'd just be happy if users don't use pwned ones. 😆

          1 Reply Last reply
          1
          • girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #4

            There's a nice API for HIBP - https://haveibeenpwned.com/API/v3 but it seems there is a fee as well, so we have to make it an optional feature.

            I would like to see something like https://github.com/dropbox/zxcvbn integrated (this is just a UI password strength checker).

            1 Reply Last reply
            2
            • ? Offline
              ? Offline
              A Former User
              wrote on last edited by
              #5

              How about:-

              How Secure is My Password for your own website
              https://github.com/howsecureismypassword/hsimp
              https://howsecureismypassword.net/

              1 Reply Last reply
              2
              • girishG Offline
                girishG Offline
                girish
                Staff
                wrote on last edited by
                #6

                @Hillside502 yeah, just noticed zxcvbn hasn't seen much activity in 3 years.

                1 Reply Last reply
                1
                • ? Offline
                  ? Offline
                  A Former User
                  wrote on last edited by
                  #7

                  Firefox Monitor Server -- breach data is powered by haveibeenpwned
                  https://github.com/mozilla/blurts-server
                  https://monitor.firefox.com/

                  1 Reply Last reply
                  2
                  Reply
                  • Reply as topic
                  Log in to reply
                  • Oldest to Newest
                  • Newest to Oldest
                  • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search