phpBB Extension - Password Strength

An extension for phpBB that will show users how strong (or weak) their password is as they type it into the password field when creating or updating their account.

phpbb, extension, password, strength, zxcvbn

Authors of extension

Install Extension

Install in ACP

Use our Install tool to install this Extension. Navigate to "CUSTOMISE - Install extensions" in the ACP of your forum and search for Password Strength and click the install button.

Manual install

Download the archive of the extension from here and unpack it. Copy then the entire contents of the archive to your phpBB forum to /ext/vse/passwordstrength, maybe you need to remove "_master" from the extracted folder. Now go into the admin area of the forum and chose the tab Customize, in the area Manage extensions is you now the extension Password Strength displayed under the disable extensions. Click behind the extension on the link Enable to activate the extension. After you have confirmed the action the extension is available in your forum.

Read me

Password Strength Password Strength

An extension for phpBB that will show users how strong (or weak) their password is as they type it into the password field when creating or updating their account.

Build Status Latest Stable Version


Try it out yourself here: (Online Demo)


  • Password field changes colors from red (weak) to green (strong) as the user types in a password.
  • Password strength is also labeled as 'Very Weak', 'Weak', 'Good', 'Strong' or 'Very Strong'.
  • Password Strength is active on new user registration, and in the UCP and ACP areas where you can enter new passwords.
  • Password Strength is scored using one of the available algorithms:
    1. Complexity is an unintelligent test that checks for complexity in a password by looking for a mix of characters, case, symbols, numbers and length. This is useful for encouraging hard to remember complex passwords, but can score easily cracked passwords like P@s$w0rd as Strong.
    2. zxcvbn algorithm (used by DropBox) is an intelligent algorithm that calculates the guess-ability of a password by comparing it to a large dictionary of common English words as well as looking for recognizable patterns like P@s$w0rd. This is a more robust strength checker that allows for user-friendly passwords that are easy to remember but still hard to guess. A Very Strong result represents a password that may take a computer years to centuries to guess.
  • Multiple languages are supported. View the pre-installed localizations.


  • Featured MOD of the Week in the phpBB Weekly Podcast, episode #166.

Minimum Requirements

  • phpBB 3.1.0 or phpBB 3.2.0
  • PHP 5.3.3


  1. Download the latest validated release.
  2. Unzip the downloaded release and copy it to the ext directory of your phpBB board.
  3. Navigate in the ACP to Customise -> Manage extensions.
  4. Look for Password Strength under the Disabled Extensions list and click its Enable link.
  5. Choose a Password Strength algorithm under User registration settings -> Password strength type.


  1. Navigate in the ACP to Customise -> Manage extensions.
  2. Click the Disable link for Password Strength.
  3. To permanently uninstall, click Delete Data, then delete the passwordstrength folder from phpBB/ext/vse/.


Password Strength is intended to encourage your forum users to use strong passwords. It does not guarantee protection against password attacks, nor does it force your users to use strong passwords. The business of scoring password strength is a tricky and hotly debated subject and you are encouraged to decide which of the strength test models included in this extension will work best for your forum.


GNU General Public License v2

© 2013 - Matt Friedman


No comments have been posted yet for this extension. Rate the extension now and write the first comment.

Last updated: 29. July 2018 04:12:55

Use this image

You can use this image on your Website to show visitors the rating of your Extension.


Image URL

Image HTML

<a href=""><img src="" alt="Password Strength"></a>


[![Password Strength](](

BB Code