schuppo / PasswordStrengthPackage by schuppo

This package provides a validator for ensuring strong passwords in Laravel 4 applications.
Package Data
Maintainer Username: schuppo
Maintainer Contact: (Oliver Schupp)
Package Create Date: 2014-01-17
Package Last Update: 2024-03-02
Home Page:
Language: PHP
License: MIT
Last Refreshed: 2024-05-17 15:01:25
Package Statistics
Total Downloads: 2,485,795
Monthly Downloads: 16,614
Daily Downloads: 734
Total Stars: 142
Total Watchers: 6
Total Forks: 54
Total Open Issues: 3

PasswordStrength Package

Build Status Total Downloads License

This package provides a validator that ensures strong passwords in Laravel 4 & 5 applications. It is influenced a lot by PasswordStrengthBundle for Symfony 2.

It is out now for a while and since there were no complaints it very likely fulfills its purpose.

The provided validations include:

  • check if input contains alphabetic characters
  • check if input contains numeric characters
  • check if input contains mixed case characters
  • check if input contains symbols



Get the package

For Laravel 4 users

Just composer require schuppo/password-strength:"~0.10".

For Laravel 5 users

Just composer require schuppo/password-strength:"~1.5".

Initialize the package

If you do run the package on Laravel 5.5+, you can start using the package at this point. package auto-discovery takes care of the magic of adding the service provider.

If you do not run Laravel 5.5 (or higher), then add the following line under the providers array key in app/config.php:

// app/config/app.php
return array(
    // ...
    'providers' => array(
        // ...
    // ...


I recently recognized a small conflict in the usage of this package in combination with unique-with: One runs into problems when adding the PasswordStrengthServiceProvider after UniqueWithValidatorServiceProvider to the providers array, the rules of this package stay unknown to the Laravel Validator.

The problem is easy to fix though: Just add the service provider of this package in front of the service provider of unique-with. In that order both packages work fine.


Now Laravel's native Validator is extended by four rules:

  • case_diff
  • numbers
  • letters
  • symbols


You can apply these rules as described in the validation section on Laravel's website

$v = Validator::make(array(
    'password' => '12345QWERTqwert@',
    'password' => 'case_diff|numbers|letters|symbols'
$v->passes();   // returns true;

Notice that you can validate any value with the new rules. The only reason why this package is called "Password Strength Package" is that it describes its foremost purpose.


[Laravel 5 / Laravel 4]


Simplifies symbol validation


Adds Chinese and Spanish translation


Improves Polish translation


Adds Arabic translation


Adds Czech translation


  • Adds Russian translation


  • Adds unicode flag to case difference validation rule


  • Adds Dutch translation
  • Updates French translation
  • Makes packages php7 ready


Adds Romanian translation


Adds Polish translation


Adds French translation




Make package laravel 5 ready


  • New validation rule to check if input contains symbols. Thanks to closca for providing this new feature.


  • Added new version to composer.json


  • Small changes in


  • Minimum requirement (PHP 5.4 because of array chains) is now recognized by composer.json


  • The package works properly now when other extensions of laravel's validator are used as well (like unique-with).
  • The package is able to take localization overwrites now as described in the laravel docs


  • Fixed: Package validator doesn't overwrite custom validation errror messages any more. Not functional tested though because I have no clue how to set up a test which controls the passing of variables from the password strength package to the native validator INSIDE the package's test folders. Any suggestions?


This package is under the MIT license. See the complete license:

Reporting Issues or Feature Requests

Issues and feature requests are tracked on GitHub.