[Plone 5.x] Stronger password for users

on Plone 5.x is there a way/method/tool to force users to choose a stronger password (for ex. Numbers, letters and special char)?
I've found https://github.com/collective/Products.PasswordStrength , but I found only 4.x refs.


maybe some bugs are still there?

We are using it in production on 5.0. It's possible it dosnt work on 5.1 or 5.2 as no one has added tests for it.
There is another plugin that is being used by others. It could be this one https://pypi.org/project/collective.pwexpiry/

I guess most of this assumes you use the MemberData properties panel for new users. Let me give you an alternative approach, as Plone allows you to bind a custom ContentType to user creation which allows you to effectively design and deploy your own user creation form, properties and views etc...

This seems to be a not very well known feature, but of course with this option you could create your own password field with both client and server side validation for using stronger passwords.


Here you can enable "Turn folder creation on" and then define a custom user ContentType which is linked to your MemberData.

Of course, this assumes you are willing to make some custom views though...

Out of curiosity (with this approach):

  • Is there a 'simple way' of making different fields for different groups (for example the member group does not have the URL and image fields).
  • Is there a (not too complicated) way of having the users update their information and/or password on regular basis (for example once a year or first login after New Year ?

Plone Foundation Code of Conduct