bjeavons/zxcvbn-php
PHP port of Dropbox’s zxcvbn password strength estimator. Uses pattern matching and conservative entropy to score passwords 0–4, detect common words/names/patterns (dates, repeats, sequences, keyboard runs), and return user-friendly warnings/suggestions.
Adopt if:
Look elsewhere if:
dropbox/zxcvbn for JS).For Executives: "This library lets us upgrade password security without sacrificing user experience. Right now, we’re either rejecting strong passwords (because they don’t meet arbitrary rules) or accepting weak ones (because our checks are too simplistic). Zxcvbn-php gives us data-driven feedback—like telling users, ‘This password is risky because it appeared in the 2016 LinkedIn breach’—which can reduce support costs (fewer password reset requests) and lower fraud risk. It’s a low-code, high-impact way to align with modern security standards, and the MIT license means no hidden costs."
For Engineering: *"This is a drop-in replacement for our current password validation. Instead of enforcing ‘1 uppercase, 1 symbol,’ it uses adaptive scoring based on real-world breach data and cognitive psychology (e.g., penalizing ‘password123’ but accepting ‘correct horse battery staple’). The PHP port of the original JavaScript library means:
How can I help you explore Laravel packages today?