Documentation for Disallow Password Reuse Feature¶ ↑
The disallow password reuse feature disallows setting of a password that matches a number of previous passwords (6 by default).
On databases where Rodauth supports the use of database authentication functions, Rodauth also supports the use of database functions for checking previous passwords, so previous password hashes enjoy the same database security as current password hashes.
It is not recommended to use this feature unless you have a policy that requires it. This will significantly slow down setting a new password due to the need to check all of the previous stored passwords. Additionally, storing previous passwords means that if attackers can get access to the the database, they can get the previous stored passwords in addition to the current password.
Auth Value Methods¶ ↑
| password_same_as_previous_password_message |
The error message fragment to display if the given password is the same as a previous password. |
| previous_password_account_id_column |
The column in the |
| previous_password_hash_column |
The column in the |
| previous_password_hash_table |
The table storing previous password hashes. |
| previous_password_id_column |
The column in the |
| previous_passwords_to_check |
The number of previous password hashes to store and check. |
Auth Methods¶ ↑
| add_previous_password_hash(hash) |
Add the given hash to the list of previous hashes for the current account. |
| password_doesnt_match_previous_password?(password) |
Whether the password given matches any of the previous passwords. |