---
title: "Enforcing a Custom Password Policy in Convert Forms - Convert Forms"
description: "Would you like to enforce a strict password policy in Convert Forms that requires a combination of uppercase letters, lowercase letters, numbers, and"
url: "https://www.tassos.gr/docs/convert-forms/security/force-custom-password-policy"
date: "2026-05-06T22:41:22+00:00"
language: "en-GB"
---

[ Home ](https://www.tassos.gr/index.php?option=com_content&view=category&layout=blog&id=24&Itemid=1088) / [ Convert Forms ](https://www.tassos.gr/index.php?option=com_content&view=category&id=43) / [ Spam, Security & Compliance ](https://www.tassos.gr/index.php?option=com_content&view=category&id=78)

#  Enforcing a Custom Password Policy in Convert Forms

Would you like to enforce a strict password policy in Convert Forms that requires a combination of uppercase letters, lowercase letters, numbers, and symbols? While Convert Forms doesn’t strictly enforce these requirements by default, you can easily achieve this with a custom PHP function. In this guide, we’ll walk you through adding a custom code snippet to implement your password validation rules, ensuring stronger, more secure passwords in your Joomla forms.

## [Setup](#setup)

To force your password policy, copy the code below and place it into your form's PHP Scripts -> Form Process area.

 ```
$passwordFieldName = 'name'; // Set the name of the password field to check
$passwordLength = 8; // Set password length
$requireNumbers = true; // Check for numeric digits
$requireSymbols = true; // Check for symbols
$requireMixedCase = true; // Check for mixed case letters
$preventCommonPasswords = true; // Check for common passwords

// DO NOT EDIT BELOW
$password = $post[$passwordFieldName];

// Check password length
if (mb_strlen($password) < $passwordLength)
{
    throw new Exception("Password must be at least $passwordLength characters long.");
}

// Check for numeric digits if required
if ($requireNumbers && !preg_match('/[0-9]/', $password))
{
    throw new Exception('Password must contain at least one numeric digit.');
}

// Check for symbols if required
if ($requireSymbols && !preg_match('/[\W_]/u', $password))
{
    throw new Exception('Password must contain at least one special character (e.g., @, #, $, %).');

}

// Check for mixed case letters if required
if ($requireMixedCase)
{
    // Uppercase letters (Unicode-aware)
    if (!preg_match('/\p{Lu}/u', $password))
    {
        throw new Exception('Password must contain at least one uppercase letter.');
    }

    // Lowercase letters (Unicode-aware)
    if (!preg_match('/\p{Ll}/u', $password))
    {
        throw new Exception('Password must contain at least one lowercase letter.');
    }
}

// Check for common passwords if required
if ($preventCommonPasswords)
{
    $commonPasswords = [
        '123456',
        'password',
        'qwerty',
        'abc123'
    ];

    if (in_array($password, $commonPasswords))
    {
        throw new Exception('Password is too common, please choose a more secure one.');
    }
}
```

 Last updated on Nov 26th 2024 12:11

## Schema

```json
{
    "@context": "https://schema.org",
    "@type": "BreadcrumbList",
    "itemListElement": [
        {
            "@type": "ListItem",
            "position": 1,
            "name": "Home",
            "item": "https://www.tassos.gr"
        },
        {
            "@type": "ListItem",
            "position": 2,
            "name": "Home",
            "item": "https://www.tassos.gr/docs"
        },
        {
            "@type": "ListItem",
            "position": 3,
            "name": "Convert Forms",
            "item": "https://www.tassos.gr/docs/convert-forms"
        },
        {
            "@type": "ListItem",
            "position": 4,
            "name": "Spam, Security & Compliance",
            "item": "https://www.tassos.gr/docs/convert-forms/security"
        },
        {
            "@type": "ListItem",
            "position": 5,
            "name": "Enforcing a Custom Password Policy in Convert Forms",
            "item": "https://www.tassos.gr/docs/convert-forms/security/force-custom-password-policy"
        }
    ]
}
```

```json
{
    "@context": "https://schema.org",
    "@type": "Article",
    "mainEntityOfPage": {
        "@type": "WebPage",
        "@id": "https://www.tassos.gr/docs/convert-forms/security/force-custom-password-policy"
    },
    "headline": "Enforcing a Custom Password Policy in Convert Forms",
    "image": {
        "@type": "ImageObject",
        "url": "https://www.tassos.gr/"
    },
    "publisher": {
        "@type": "Organization",
        "name": "Tassos",
        "logo": {
            "@type": "ImageObject",
            "url": "https://www.tassos.gr/https://www.tassos.gr/media/brand/logo-text.png"
        }
    },
    "author": {
        "@type": "Person",
        "name": "Tassos Marinos",
        "url": "https://www.tassos.gr/docs/convert-forms/security/force-custom-password-policy"
    },
    "datePublished": "2024-10-09T08:39:52+03:00",
    "dateCreated": "2024-10-09T08:39:52+03:00",
    "dateModified": "2024-11-26T12:28:42+02:00"
}
```