From 7b938845cf265114c6cb2b02228ff9d10b676016 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 10 Mar 2014 11:18:26 +0100
Subject: [PATCH] Added system option to configure minimum password strength
 and length

---
 install/tpl/system.ini.master                 |   2 +
 .../lib/classes/validate_password.inc.php     | 121 ++++++++++++++++++
 interface/lib/lang/de.lng                     |   8 ++
 interface/lib/lang/en.lng                     |   9 ++
 .../web/admin/form/remote_user.tform.php      |   8 ++
 .../web/admin/form/system_config.tform.php    |  14 ++
 interface/web/admin/form/users.tform.php      |   8 ++
 .../web/admin/lib/lang/de_system_config.lng   |   2 +
 .../web/admin/lib/lang/en_system_config.lng   |   2 +
 .../templates/system_config_misc_edit.htm     |  10 ++
 interface/web/client/form/client.tform.php    |   8 ++
 interface/web/client/form/reseller.tform.php  |   8 ++
 interface/web/js/scrigo.js.php                |   9 +-
 .../web/mail/form/mail_mailinglist.tform.php  |   8 ++
 interface/web/mail/form/mail_user.tform.php   |   8 ++
 .../form/mail_user_password.tform.php         |   8 ++
 .../web/sites/form/database_user.tform.php    |   8 ++
 interface/web/sites/form/ftp_user.tform.php   |   8 ++
 interface/web/sites/form/shell_user.tform.php |   8 ++
 interface/web/sites/form/web_domain.tform.php |   8 ++
 .../web/sites/form/web_folder_user.tform.php  |   8 ++
 .../sites/form/web_vhost_subdomain.tform.php  |   8 ++
 .../web/sites/form/webdav_user.tform.php      |   8 ++
 .../web/tools/form/user_settings.tform.php    |   8 ++
 24 files changed, 295 insertions(+), 2 deletions(-)
 create mode 100644 interface/lib/classes/validate_password.inc.php

diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master
index 1f305dde8..2b1a6d740 100644
--- a/install/tpl/system.ini.master
+++ b/install/tpl/system.ini.master
@@ -51,3 +51,5 @@ customer_no_start=1
 customer_no_counter=0
 session_timeout=0
 session_allow_endless=0
+min_password_length=5
+min_password_strength=0
diff --git a/interface/lib/classes/validate_password.inc.php b/interface/lib/classes/validate_password.inc.php
new file mode 100644
index 000000000..961963743
--- /dev/null
+++ b/interface/lib/classes/validate_password.inc.php
@@ -0,0 +1,121 @@
+<?php
+
+/*
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+Copyright (c) 2014, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class validate_password {
+	
+	private function _get_password_strength($password) {
+		$length = strlen($password);
+		$points = 0;
+		if ($length < 5) {
+			return 1;
+		}
+
+		if (preg_match('/[ABCDEFGHIJKLNMOPQRSTUVWXYZ]/', $password)) {
+			$points += 1;
+		}
+
+		if (preg_match('/[0123456789]/', $password)) {
+			$points += 1;
+		}
+
+		if (preg_match('/[`~!@#$%^&*()_+|\\=-[]}{\';:\/?.>,<" ]/', $password)) {
+			$points += 1;
+		}
+
+		if ($points == 0) {
+			if ($length >= 5 && $length <= 6) {
+				return 1;
+			} else if ($length >= 7 && $length <= 8) {
+				return 2;
+			} else {
+				return 3;
+			}
+		} else if ($points == 1) {
+			if ($length >= 5 && $length <= 6) {
+				return 2;
+			} else if (length >= 7 && length <=10) {
+				return 3;
+			} else {
+				return 4;
+			}
+		} else if ($points == 2) {
+			if ($length >= 5 && $length <= 8) {
+				return 3;
+			} else if ($length >= 9 && $length <= 10) {
+				return 4;
+			} else {
+				return 5;
+			}
+		} else if ($points == 3) {
+			if ($length >= 5 && $length <= 6) {
+				return 3;
+			} else if ($length >= 7 && $length <= 8) {
+				return 4;
+			} else {
+				return 5;
+			}
+		} else if ($points >= 4) {
+			if ($length >= 5 && $length <= 6) {
+				return 4;
+			} else {
+				return 5;
+			}
+		}
+		
+	}
+	
+	/* Validator function */
+	function password_check($field_name, $field_value, $validator) {
+		global $app;
+		
+		$app->uses('ini_parser,getconf');
+		$server_config_array = $app->getconf->get_global_config();
+		
+		$min_password_strength = 0;
+		$min_password_length = 5;
+		if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];
+		if(isset($server_config_array['misc']['min_password_strength'])) $min_password_strength = $server_config_array['misc']['min_password_strength'];
+		
+		if($min_password_strength > 0) {
+			$lng_text = $app->lng('weak_password_txt');
+			$lng_text = str_replace(array('{chars}', '{strength}'), array($min_password_length, $app->lng('strength_' . $min_password_strength)), $lng_text);
+		} else {
+			$lng_text = $app->lng('weak_password_length_txt');
+			$lng_text = str_replace('{chars}', $min_password_length, $lng_text);
+		}
+		if(!$lng_text) $lng_text = 'weak_password_txt'; // always return a string, even if language is missing - otherwise validator is NOT MATCHING!
+		
+		if(strlen($field_value) < $min_password_length) return $lng_text;
+		if($this->_get_password_strength($field_value) < $min_password_strength) return $lng_text;
+		
+		return false;
+	}
+}
diff --git a/interface/lib/lang/de.lng b/interface/lib/lang/de.lng
index 91300ea76..920e2cea6 100644
--- a/interface/lib/lang/de.lng
+++ b/interface/lib/lang/de.lng
@@ -139,4 +139,12 @@ $wb['gender_f_txt'] = 'Frau';
 $wb['client_cannot_be_deleted_because_of_billing_module_txt'] = 'Für den Kunden existieren Einträge im Billing-Modul, daher kann er nicht gelöscht werden.';
 $wb['yes_txt'] = 'Ja';
 $wb['no_txt'] = 'Nein';
+$wb['None'] = 'Keine';
+$wb['strength_1'] = 'Leicht';
+$wb['strength_2'] = 'Mittel';
+$wb['strength_3'] = 'Gut';
+$wb['strength_4'] = 'Stark';
+$wb['strength_5'] = 'Sehr stark';
+$wb['weak_password_txt'] = 'Das gewählte Passwort erfüllt die Sicherheitsanforderungen nicht. Es muss mindestens {chars} Zeichen lang sein und die Stärke "{strength}" besitzen.';
+$wb['weak_password_length_txt'] = 'Das gewählte Passwort erfüllt die Sicherheitsanforderungen nicht. Es muss mindestens {chars} Zeichen lang sein.';
 ?>
\ No newline at end of file
diff --git a/interface/lib/lang/en.lng b/interface/lib/lang/en.lng
index a8939b997..ec309d9f8 100644
--- a/interface/lib/lang/en.lng
+++ b/interface/lib/lang/en.lng
@@ -141,4 +141,13 @@ $wb['gender_f_txt'] = 'Ms.';
 $wb['client_cannot_be_deleted_because_of_billing_module_txt'] = 'This client has records in the billing module, therefore he cannot be deleted.';
 $wb['yes_txt'] = 'Yes';
 $wb['no_txt'] = 'No';
+$wb['None'] = 'None';
+$wb['strength_1'] = 'Weak';
+$wb['strength_2'] = 'Fair';
+$wb['strength_3'] = 'Good';
+$wb['strength_4'] = 'Strong';
+$wb['strength_5'] = 'Very Strong';
+$wb['weak_password_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length and have a strength of "{strength}".';
+$wb['weak_password_length_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length.';
+
 ?>
diff --git a/interface/web/admin/form/remote_user.tform.php b/interface/web/admin/form/remote_user.tform.php
index fd765ce9f..1ab2b0e0d 100644
--- a/interface/web/admin/form/remote_user.tform.php
+++ b/interface/web/admin/form/remote_user.tform.php
@@ -101,6 +101,14 @@ $form["tabs"]['remote_user'] = array (
 		'remote_password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'MD5',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php
index 8d7008f80..605453422 100644
--- a/interface/web/admin/form/system_config.tform.php
+++ b/interface/web/admin/form/system_config.tform.php
@@ -487,6 +487,20 @@ $form["tabs"]['misc'] = array (
 			'default' => 'n',
 			'value'  => array(0 => 'n', 1 => 'y')
 		),
+		'min_password_length' => array(
+			'datatype' => 'INTEGER',
+			'formtype' => 'TEXT',
+			'default' => '5',
+			'value'  => '',
+			'width'  => '30',
+			'maxlength' => '255'
+		),
+		'min_password_strength' => array(
+			'datatype' => 'VARCHAR',
+			'formtype' => 'SELECT',
+			'default' => '',
+			'value'  => array('' => 'None', '1' => 'strength_1', '2' => 'strength_2', '3' => 'strength_3', '4' => 'strength_4', '5' => 'strength_5')
+		)
 		//#################################
 		// ENDE Datatable fields
 		//#################################
diff --git a/interface/web/admin/form/users.tform.php b/interface/web/admin/form/users.tform.php
index 06f07c07e..9ee2970df 100644
--- a/interface/web/admin/form/users.tform.php
+++ b/interface/web/admin/form/users.tform.php
@@ -164,6 +164,14 @@ $form['tabs']['users'] = array (
 		'passwort' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'    => 'CRYPT',
 			'regex'  => '',
 			'errmsg' => '',
diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng
index f4103d57a..9c978216b 100644
--- a/interface/web/admin/lib/lang/de_system_config.lng
+++ b/interface/web/admin/lib/lang/de_system_config.lng
@@ -66,4 +66,6 @@ $wb['customer_no_counter_txt'] = 'Kundennummer Zähler';
 $wb['session_timeout_txt'] = 'Session-Timeout (Minuten)';
 $wb['session_allow_endless_txt'] = '"Eingeloggt bleiben" aktivieren';
 $wb['No'] = 'Nein';
+$wb['min_password_length_txt'] = 'Minimale Passwortlänge';
+$wb['min_password_strength_txt'] = 'Minimale Passwortstärke';
 ?>
\ No newline at end of file
diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng
index d78478e21..f0e01936a 100644
--- a/interface/web/admin/lib/lang/en_system_config.lng
+++ b/interface/web/admin/lib/lang/en_system_config.lng
@@ -66,4 +66,6 @@ $wb['customer_no_counter_txt'] = 'Customer No. counter';
 $wb['session_timeout_txt'] = 'Session timeout (minutes)';
 $wb['session_allow_endless_txt'] = 'Enable "stay logged in"';
 $wb['No'] = 'No';
+$wb['min_password_length_txt'] = 'Minimum password length';
+$wb['min_password_strength_txt'] = 'Minimum password strength';
 ?>
diff --git a/interface/web/admin/templates/system_config_misc_edit.htm b/interface/web/admin/templates/system_config_misc_edit.htm
index ea9844e45..2fd6eef84 100644
--- a/interface/web/admin/templates/system_config_misc_edit.htm
+++ b/interface/web/admin/templates/system_config_misc_edit.htm
@@ -90,6 +90,16 @@
                 <div class="multiField">
                     {tmpl_var name='session_allow_endless'}
                 </div>
+            </div>
+            <div class="ctrlHolder">
+                <label for="min_password_length">{tmpl_var name='min_password_length_txt'}</label>
+                <input name="min_password_length" id="min_password_length" value="{tmpl_var name='min_password_length'}" size="30" maxlength="255" type="text" class="textInput" />
+            </div>
+            <div class="ctrlHolder">
+                <label for="min_password_strength">{tmpl_var name='min_password_strength_txt'}</label>
+                <select name="min_password_strength" id="min_password_strength" class="selectInput formLengthHalf">
+                    {tmpl_var name='min_password_strength'}
+                </select>
             </div>
 			<div class="ctrlHolder">
                 <p class="label">{tmpl_var name='maintenance_mode_txt'}</p>
diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php
index 41e49b656..623f92eaf 100644
--- a/interface/web/client/form/client.tform.php
+++ b/interface/web/client/form/client.tform.php
@@ -166,6 +166,14 @@ $form["tabs"]['address'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'=> 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/client/form/reseller.tform.php b/interface/web/client/form/reseller.tform.php
index a37210990..99e7c6e08 100644
--- a/interface/web/client/form/reseller.tform.php
+++ b/interface/web/client/form/reseller.tform.php
@@ -166,6 +166,14 @@ $form["tabs"]['address'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'=> 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/js/scrigo.js.php b/interface/web/js/scrigo.js.php
index ec7cdb9f8..be5d44f64 100644
--- a/interface/web/js/scrigo.js.php
+++ b/interface/web/js/scrigo.js.php
@@ -522,8 +522,13 @@ function keepalive() {
 }
 
 
-
-var pass_minimum_length = 5;
+<?php
+$min_password_length = 5;
+if(isset($server_config_array['misc']['min_password_length'])) {
+	$min_password_length = $app->functions->intval($server_config_array['misc']['min_password_length']);
+}
+?>
+var pass_minimum_length = <?php echo $min_password_length; ?>;
 var pass_messages = new Array();
 
 var pass_message = new Array();
diff --git a/interface/web/mail/form/mail_mailinglist.tform.php b/interface/web/mail/form/mail_mailinglist.tform.php
index dbd7c0e04..24c4f003c 100644
--- a/interface/web/mail/form/mail_mailinglist.tform.php
+++ b/interface/web/mail/form/mail_mailinglist.tform.php
@@ -132,6 +132,14 @@ $form["tabs"]['mailinglist'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'=> 'CLEARTEXT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/mail/form/mail_user.tform.php b/interface/web/mail/form/mail_user.tform.php
index 66bc8e3c2..fdfd6a629 100644
--- a/interface/web/mail/form/mail_user.tform.php
+++ b/interface/web/mail/form/mail_user.tform.php
@@ -120,6 +120,14 @@ $form["tabs"]['mailuser'] = array(
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'=> 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/mailuser/form/mail_user_password.tform.php b/interface/web/mailuser/form/mail_user_password.tform.php
index 65cf076e3..a11982e28 100644
--- a/interface/web/mailuser/form/mail_user_password.tform.php
+++ b/interface/web/mailuser/form/mail_user_password.tform.php
@@ -61,6 +61,14 @@ $form["tabs"]['mailuser'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'    => 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/database_user.tform.php b/interface/web/sites/form/database_user.tform.php
index a270fb1af..6afb34b9d 100644
--- a/interface/web/sites/form/database_user.tform.php
+++ b/interface/web/sites/form/database_user.tform.php
@@ -102,6 +102,14 @@ $form["tabs"]['database_user'] = array (
 		'database_password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'MYSQL',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/ftp_user.tform.php b/interface/web/sites/form/ftp_user.tform.php
index b540ec026..20e4565ff 100644
--- a/interface/web/sites/form/ftp_user.tform.php
+++ b/interface/web/sites/form/ftp_user.tform.php
@@ -110,6 +110,14 @@ $form["tabs"]['ftp'] = array (
 		),
 		'password' => array (
 			'datatype' => 'VARCHAR',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'formtype' => 'PASSWORD',
 			'encryption' => 'CRYPT',
 			'default' => '',
diff --git a/interface/web/sites/form/shell_user.tform.php b/interface/web/sites/form/shell_user.tform.php
index d9928e6ac..ab7cef1bf 100644
--- a/interface/web/sites/form/shell_user.tform.php
+++ b/interface/web/sites/form/shell_user.tform.php
@@ -111,6 +111,14 @@ $form["tabs"]['shell'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php
index 59f38b587..651b64355 100644
--- a/interface/web/sites/form/web_domain.tform.php
+++ b/interface/web/sites/form/web_domain.tform.php
@@ -478,6 +478,14 @@ $form["tabs"]['stats'] = array (
 		'stats_password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/web_folder_user.tform.php b/interface/web/sites/form/web_folder_user.tform.php
index 19ca71c1d..c3386a5a2 100644
--- a/interface/web/sites/form/web_folder_user.tform.php
+++ b/interface/web/sites/form/web_folder_user.tform.php
@@ -98,6 +98,14 @@ $form["tabs"]['user'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/web_vhost_subdomain.tform.php b/interface/web/sites/form/web_vhost_subdomain.tform.php
index 1448a64ad..e4ca6a2fd 100644
--- a/interface/web/sites/form/web_vhost_subdomain.tform.php
+++ b/interface/web/sites/form/web_vhost_subdomain.tform.php
@@ -468,6 +468,14 @@ $form["tabs"]['stats'] = array (
 		'stats_password' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption' => 'CRYPT',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/sites/form/webdav_user.tform.php b/interface/web/sites/form/webdav_user.tform.php
index d17f3ed4a..a1bfd3056 100644
--- a/interface/web/sites/form/webdav_user.tform.php
+++ b/interface/web/sites/form/webdav_user.tform.php
@@ -104,6 +104,14 @@ $form["tabs"]['webdav'] = array (
 		'password' => array (
 			'datatype' => 'VARCHAR',
 			'encryption' => 'CLEARTEXT',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'formtype' => 'PASSWORD',
 			'default' => '',
 			'value'  => '',
diff --git a/interface/web/tools/form/user_settings.tform.php b/interface/web/tools/form/user_settings.tform.php
index 4ceda5843..f3ad5a2d3 100644
--- a/interface/web/tools/form/user_settings.tform.php
+++ b/interface/web/tools/form/user_settings.tform.php
@@ -104,6 +104,14 @@ $form['tabs']['users'] = array (
 		'passwort' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'PASSWORD',
+			'validators' => array(
+				0 => array(
+					'type' => 'CUSTOM',
+					'class' => 'validate_password',
+					'function' => 'password_check',
+					'errmsg' => 'weak_password_txt'
+				)
+			),
 			'encryption'=> 'CRYPT',
 			'regex'  => '',
 			'errmsg' => '',
-- 
GitLab