Force Password Complexity - Joomla! Modul - Logo


Name: Force Password Complexity - Version: 3.1.1 / / - Type: Plugin - License: GPLv3
Description: The plugin checks entered passwords and rejects weak passwords - Joomla! Extensions Directory

Overview of all downloads of the extension: FPC - Force Password Complexity Downloads

Strong passwords are enforced based on individual rules with this plugin

Plugin: FPC - Force Password Complexity
Function: Increase of the overall security of the system by good, strong passwords.
Languages: English and German

The system plugin checks the user passwords using defined security patterns and rejects weak passwords. In this way FPC ensures stronger security of the whole system. The execution of the plugin and the checks of the passwords can be set completely customized to ensure an own standard of security. There is also an option to allow weak passwords for certain user groups, but to inform them by a warning about the weak password. This option should only be used for non-critical user groups.


  • Force secure, good passwords with individual rules
  • Suggest a password that fits the seurity criteria (PRO)
  • Set precise execution rules:
    • Execution in front- and / or backend
    • Restrict to specific user groups
    • Restriction with warning notice for unselected groups possible
    • Check the type of users - only new, existing or all users
  • Individual checks for secure passwords:
    • Minimum length of passwords
    • Minimum size of the entropy of passwords
    • Forbid parts of the name and the e-mail address
    • Maximum number same and same consecutive characters
    • Force character types: uppercase / lowercase letters, numbers and special characters
  • Plugin is small and fast, doesn't need a big framework
  • Fast, clean code
  • Languages: English and German


Install the plugin in the backend. Configure and activate it in Extensions -> Plugins -> System - Force Password Complexity - FPC.

The settings of FPC are divided into two parts: Execution and Checks.

Under Execution you may change the settings, how and where the plugin is executed. The application can be restricted to the front- and / or backend, on specific user groups and the status of the user. Additionally you may show a warning, to not specified users, that the entered password has been saved but it has been evaluated by the system to be insecure.

Under Checks you may define individual check patterns to guarantee secure passwords. You may define a minimum length and entropy of the password. Entropy is a measure of the uncertainty in a random variable. The higher the number, the better (more complex) the password. You have the ability to forbid parts of the name or the email address upon creation of the password. The options to restrict the maximum number of equivalent or consecutive characters avoid very weak passwords with few or repeating characters. Another important option is the ability to define which characters must be integrated at least once into the password. Here you have the options for upper- and lowercase letters, numbers and special characters (multiple selection is possible and recommended).


+ = Added - ! = Removed - ^ = Changed - # = Fixed

Joomla! 4.x

Version - 2022-10-17

  • + Added Pro Security Token validation check. The Pro package contains a token file with an individual security token linked to the user account and checked against the validation server for authenticity.
  • ^ Multiple internal code optimisations.

Version - 2021-11-14

  • + Added the built-in Download Key Manager support to enter your Pro Update ID without installing the update helper plugin.
    Important: Please copy your personal Pro Update ID using the second copy button in the Pro ID Manager and enter the key in System - Update - Update Sites - Select the entry of the Pro extension and enter the ID into the Download Key field.
  • ^ Code optimisations

Version - 2021-09-16

  • + First Pro release for Joomla! 4.x based on FPC Pro version

Joomla! 3.x

Version - 2021-06-12

  • ^ Maintenance release
  • ^ Changed the version number specification. The first number stands for the supported major Joomla! version. The following three numbers follow the Semantic Versioning Specification (SemVer), as it used to be previously.
  • ^ Updated custom field
  • ^ Code optimisations

Version 3.2.1-PRO - 2021-01-17

  • ^ Maintenance release

Version 3.2.0-PRO - 2020-04-09


Version 3.1.1 - 2016-02-21

  • + Code Refactoring
  • ^ Updated Language Files

Version 3.1.0 - 2015-08-01

  • + Donation Code Validation Process - Improved the validation process with a new server (HTTPS request) plus an independent, separated fallback server (HTTP request).
  • + New Download Server - Download packages are located independently of the project website on a new download server.
  • ^ Semantic versioning - Switched to semantic versioning, see for more details. Please update manually since the core update server functionality will not recognize the new version!
  • Version 3-2 - 2015-02-05

    • + Update Server - Added the Joomla! core functionality for the update checks
    • ^ Updated Donation Code field - Uses the HTTP API for the requests and calls the check script via HTTPS
    • ^ Links in the language files - Updated outdated links to the JED (Joomla! Extensions Directory)
    • ! Removed Version Check field

    Version 3-1 - 2013-12-15

    • First release for Joomla! 3.x.
    • This release is tested only with Joomla! 3.2 - do not use it in a lower Joomla! version. Do not report any problems with other Joomla! versions. Only the mentioned version is supported officially!

    Joomla! 2.5

    Version 2.5-2 - 2013-05-21

    • ^ Output of option "Password must contain" - all needed character types are displayed in the error message, not only the missing one

    Version 2.5-1 - 26-Feb-2013

    + First version for Joomla! 2.5


    Overview of all downloads of the extension: FPC - Force Password Complexity Downloads