Password Security

password_security
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/18.0/password_security
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
COMMITTERS
COMMITTERSWeblate, OCA-git-bot, oca-ci, LauraCForgeFlow, IsabelAForgeFlow
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 19:30:10
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - html_editor
    - auth_password_policy_signup
    - auth_password_policy
    - auth_totp
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION
This module allows admin to set company-level password security
requirements and enforces them on the user.

It contains features such as

- Password expiration days
- Password length requirement
- Password minimum number of lowercase letters
- Password minimum number of uppercase letters
- Password minimum number of numbers
- Password minimum number of special characters

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
Models touched (3)

New fields (7)
  • password_expiration Integer
    config_parameter='password_security.expiration_days' default=0 help='How many days until passwords expire' string='Days'
  • password_history Integer
    config_parameter='password_security.history' default=0 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' string='History'
  • password_lower Integer
    config_parameter='password_security.lower' default=0 help='Require number of lowercase letters' string='Lowercase'
  • password_minimum Integer
    config_parameter='password_security.minimum_hours' default=0 help='Number of hours until a user may change password again' string='Minimum Hours'
  • password_numeric Integer
    config_parameter='password_security.numeric' default=0 help='Require number of numeric digits' string='Numeric'
  • password_special Integer
    config_parameter='password_security.special' default=0 help='Require number of unique special characters' string='Special'
  • password_upper Integer
    config_parameter='password_security.upper' default=0 help='Require number of uppercase letters' string='Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (5)
  • action_expire_password(self)
  • action_reset_password(self)
    Disallow password resets inside of Minimum Hours
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/17.0/password_security
VERSION
VERSION 2.0.0
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
COMMITTERS
COMMITTERSAlexis de Lattre, Weblate, OCA-git-bot, oca-ci
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 19:20:04
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION
This module allows admin to set company-level password security
requirements and enforces them on the user.

It contains features such as

- Password expiration days
- Password length requirement
- Password minimum number of lowercase letters
- Password minimum number of uppercase letters
- Password minimum number of numbers
- Password minimum number of special characters

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
Models touched (3)

New fields (7)
  • password_expiration Integer
    config_parameter='password_security.expiration_days' default=0 help='How many days until passwords expire' string='Days'
  • password_history Integer
    config_parameter='password_security.history' default=0 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' string='History'
  • password_lower Integer
    config_parameter='password_security.lower' default=0 help='Require number of lowercase letters' string='Lowercase'
  • password_minimum Integer
    config_parameter='password_security.minimum_hours' default=0 help='Number of hours until a user may change password again' string='Minimum Hours'
  • password_numeric Integer
    config_parameter='password_security.numeric' default=0 help='Require number of numeric digits' string='Numeric'
  • password_special Integer
    config_parameter='password_security.special' default=0 help='Require number of unique special characters' string='Special'
  • password_upper Integer
    config_parameter='password_security.upper' default=0 help='Require number of uppercase letters' string='Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (5)
  • action_expire_password(self)
  • action_reset_password(self)
    Disallow password resets inside of Minimum Hours
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/16.0/password_security
VERSION
VERSION 1.0.4
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
COMMITTERS
COMMITTERSGitHub, keylor2906, Weblate, OCA-git-bot, Andrea Stirpe, oca-ci, antonag32, Moisés López - https://www.vauxoo.com/
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:53:43
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
Models touched (4)

New fields (7)
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (7)
  • password_expiration Integer
    readonly=False related='company_id.password_expiration'
  • password_history Integer
    readonly=False related='company_id.password_history'
  • password_lower Integer
    readonly=False related='company_id.password_lower'
  • password_minimum Integer
    readonly=False related='company_id.password_minimum'
  • password_numeric Integer
    readonly=False related='company_id.password_numeric'
  • password_special Integer
    readonly=False related='company_id.password_special'
  • password_upper Integer
    readonly=False related='company_id.password_upper'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    copy=False default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (5)
  • action_expire_password(self)
  • action_reset_password(self)
    Disallow password resets inside of Minimum Hours
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/15.0/password_security
VERSION
VERSION 1.4.1
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Onestein, Omar Nasr
COMMITTERS
COMMITTERSAndreas Perhab, Akim Juillerat, Sébastien Alix, Weblate, OCA-git-bot, Andrea Stirpe, oca-ci, dsolanki, Adam Heinz
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:46:32
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES zxcvbn
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (2)
XML IDNameModelTypeStatus
fields Password Security data for auth_signup ir.ui.view qweb Inherits auth_signup.fields
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
Models touched (4)

New fields (10)
  • password_estimate Integer
    default=3 help='Required score for the strength estimation. Between 0 and 4' args: 'Estimation'
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_policy_enabled Boolean
    default=False
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (10)
  • password_estimate Integer
    readonly=False related='company_id.password_estimate'
  • password_expiration Integer
    readonly=False related='company_id.password_expiration'
  • password_history Integer
    readonly=False related='company_id.password_history'
  • password_length Integer
    readonly=False related='company_id.password_length'
  • password_lower Integer
    readonly=False related='company_id.password_lower'
  • password_minimum Integer
    readonly=False related='company_id.password_minimum'
  • password_numeric Integer
    readonly=False related='company_id.password_numeric'
  • password_policy_enabled Boolean
    readonly=False related='company_id.password_policy_enabled'
  • password_special Integer
    readonly=False related='company_id.password_special'
  • password_upper Integer
    readonly=False related='company_id.password_upper'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (7)
  • action_expire_password(self)
  • action_reset_password(self)
    Disallow password resets inside of Minimum Hours
  • create(self, vals)
    @api.model
  • get_estimation(self, password)
    @api.model
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/14.0/password_security
VERSION
VERSION 1.1.0
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Omar Nasr
COMMITTERS
COMMITTERSDaniel Reis, OCA Transbot, oca-travis, Weblate, OCA-git-bot, Chandresh Thakkar, oca-git-bot, Urvisha-OSI
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:40:55
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES zxcvbn
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (2)
XML IDNameModelTypeStatus
assets_common Password Security Common Assets ir.ui.view qweb Inherits web.assets_common
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
Models touched (4)

New fields (9)
  • password_estimate Integer
    default=3 help='Required score for the strength estimation. Between 0 and 4' args: 'Estimation'
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (9)
  • password_estimate Integer
    readonly=False related='company_id.password_estimate'
  • password_expiration Integer
    readonly=False related='company_id.password_expiration'
  • password_history Integer
    readonly=False related='company_id.password_history'
  • password_length Integer
    readonly=False related='company_id.password_length'
  • password_lower Integer
    readonly=False related='company_id.password_lower'
  • password_minimum Integer
    readonly=False related='company_id.password_minimum'
  • password_numeric Integer
    readonly=False related='company_id.password_numeric'
  • password_special Integer
    readonly=False related='company_id.password_special'
  • password_upper Integer
    readonly=False related='company_id.password_upper'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (6)
  • action_expire_password(self)
  • create(self, vals)
    @api.model
  • get_estimation(self, password)
    @api.model
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/13.0/password_security
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Omar Nasr
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs, Omar Nasr
COMMITTERS
COMMITTERSStéphane Bidoul, OCA Transbot, Loïc Faure-Lacroix, oca-travis, Weblate, OCA-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:34:11
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES zxcvbn
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (3)
XML IDNameModelTypeStatus
assets_common Password Security Common Assets ir.ui.view qweb Inherits web.assets_common
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (4)

New fields (9)
  • password_estimate Integer
    default=3 help='Required score for the strength estimation. Between 0 and 4' args: 'Estimation'
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (9)
  • password_estimate Integer
    readonly=False related='company_id.password_estimate'
  • password_expiration Integer
    readonly=False related='company_id.password_expiration'
  • password_history Integer
    readonly=False related='company_id.password_history'
  • password_length Integer
    readonly=False related='company_id.password_length'
  • password_lower Integer
    readonly=False related='company_id.password_lower'
  • password_minimum Integer
    readonly=False related='company_id.password_minimum'
  • password_numeric Integer
    readonly=False related='company_id.password_numeric'
  • password_special Integer
    readonly=False related='company_id.password_special'
  • password_upper Integer
    readonly=False related='company_id.password_upper'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (6)
  • action_expire_password(self)
  • create(self, vals)
    @api.model
  • get_estimation(self, password)
    @api.model
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
  • write(self, vals)

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/12.0/password_security
VERSION
VERSION 1.1.4
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), initOS GmbH, Kaushal Prajapati, LasLabs
COMMITTERS
COMMITTERSAndrea, Stéphane Bidoul (ACSONE), OCA Transbot, João Marques, oca-travis, Weblate, OCA-git-bot, fkantelberg, Karthik Arumugam, Shepilov Vladislav
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:29:15
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_signup
    - base_setup
    - base
    - web
    - mail
    - bus
    - web_tour
    - auth_password_policy_signup
    - auth_password_policy
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES zxcvbn
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (3)
XML IDNameModelTypeStatus
assets_common Password Security Common Assets ir.ui.view qweb Inherits web.assets_common
res_config_settings_view_form res.config.settings.form.password_security res.config.settings xpath Inherits auth_password_policy.res_config_settings_view_form
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (4)

New fields (9)
  • password_estimate Integer
    default=3 help='Required score for the strength estimation. Between 0 and 4' args: 'Estimation'
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (9)
  • password_estimate Integer
    readonly=False related='company_id.password_estimate'
  • password_expiration Integer
    readonly=False related='company_id.password_expiration'
  • password_history Integer
    readonly=False related='company_id.password_history'
  • password_length Integer
    readonly=False related='company_id.password_length'
  • password_lower Integer
    readonly=False related='company_id.password_lower'
  • password_minimum Integer
    readonly=False related='company_id.password_minimum'
  • password_numeric Integer
    readonly=False related='company_id.password_numeric'
  • password_special Integer
    readonly=False related='company_id.password_special'
  • password_upper Integer
    readonly=False related='company_id.password_upper'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (6)
  • action_expire_password(self)
    @api.multi
  • create(self, vals)
    @api.model
  • get_estimation(self, password)
    @api.model
  • get_password_policy(self)
    @api.model
  • password_match_message(self)
    @api.multi
  • write(self, vals)
    @api.multi

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/11.0/password_security
VERSION
VERSION 1.2.0
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSTecnativa, Odoo Community Association (OCA), Kaushal Prajapati, LasLabs
MAINTAINERS
MAINTAINERSTecnativa, Odoo Community Association (OCA), Kaushal Prajapati, LasLabs
COMMITTERS
COMMITTERSMaxime Chambreuil, Pedro M. Baeza, GitHub, Jairo Llopis, mreficent, Luis González, OCA Transbot, oca-travis, Weblate, OCA-git-bot, tarteo, Kaushal Prajapati
WEBSITE
WEBSITEhttps://laslabs.com
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:23:56
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_crypt
    - base
    - auth_signup
    - base_setup
    - web
    - mail
    - bus
    - web_tour
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (3)

New fields (8)
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Integer
    default=1 help='Require number of lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Integer
    default=1 help='Require number of numeric digits' args: 'Numeric'
  • password_special Integer
    default=1 help='Require number of unique special characters' args: 'Special'
  • password_upper Integer
    default=1 help='Require number of uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (4)
  • action_expire_password(self)
    @api.multi
  • create(self, vals)
    @api.model
  • password_match_message(self)
    @api.multi
  • write(self, vals)
    @api.multi

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/10.0/password_security
VERSION
VERSION 1.1.4
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSStefan Rijnhart, Pedro M. Baeza, GitHub, Jairo Llopis, OCA Transbot, Dave Lasley, oca-travis, Weblate, Nhomar Hernández [Vauxoo], Oleg Bulkin
WEBSITE
WEBSITEhttps://laslabs.com
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:19:59
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_crypt
    - base
    - auth_signup
    - base_setup
    - web_kanban
    - web
    - mail
    - bus
    - web_tour
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (3)

New fields (8)
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Boolean
    default=True help='Require lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Boolean
    default=True help='Require numeric digits' args: 'Numeric'
  • password_special Boolean
    default=True help='Require special characters' args: 'Special'
  • password_upper Boolean
    default=True help='Require uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (4)
  • action_expire_password(self)
    @api.multi
  • create(self, vals)
    @api.model
  • password_match_message(self)
    @api.multi
  • write(self, vals)
    @api.multi

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/9.0/password_security
VERSION
VERSION 1.2.3
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSStefan Rijnhart, Holger Brunn, Jairo Llopis, OCA Transbot, Dave Lasley, Moises Lopez - https://www.vauxoo.com/, oca-travis, Weblate, Oleg Bulkin, David Vidal
WEBSITE
WEBSITEhttps://laslabs.com
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:15:22
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_crypt
    - base
    - auth_signup
    - base_setup
    - web_kanban
    - web
    - mail
    - bus
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (3)

New fields (8)
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Boolean
    default=True help='Require lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Boolean
    default=True help='Require numeric digits' args: 'Numeric'
  • password_special Boolean
    default=True help='Require special characters' args: 'Special'
  • password_upper Boolean
    default=True help='Require uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (5)
  • action_expire_password(self)
    @api.multi
  • check_password(self, password)
    @api.multi
  • create(self, vals)
    @api.model
  • password_match_message(self)
    @api.multi
  • write(self, vals)
    @api.multi

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/8.0/password_security
VERSION
VERSION 1.1.2
CATEGORY
CATEGORYBase
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSStefan Rijnhart, GitHub, Jairo Llopis, OCA Transbot, David Beal, Dave Lasley, oca-travis, Weblate
WEBSITE
WEBSITEhttps://laslabs.com
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:11:25
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_crypt
    - base
    - auth_signup
    - base_setup
    - web_kanban
    - web
    - email_template
    - mail
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (1)
XML IDNameModelTypeStatus
view_company_form res.company.form res.company xpath Inherits base.view_company_form
Models touched (3)

New fields (8)
  • password_expiration Integer
    default=60 help='How many days until passwords expire' args: 'Days'
  • password_history Integer
    default=30 help='Disallow reuse of this many previous passwords - use negative number for infinite, or 0 to disable' args: 'History'
  • password_length Integer
    default=12 help='Minimum number of characters' args: 'Characters'
  • password_lower Boolean
    default=True help='Require lowercase letters' args: 'Lowercase'
  • password_minimum Integer
    default=24 help='Amount of hours until a user may change password again' args: 'Minimum Hours'
  • password_numeric Boolean
    default=True help='Require numeric digits' args: 'Numeric'
  • password_special Boolean
    default=True help='Require special characters' args: 'Special'
  • password_upper Boolean
    default=True help='Require uppercase letters' args: 'Uppercase'
Public methods (0)

No public methods.

New fields (2)
  • password_history_ids One2many → res.users.pass.history
    comodel_name='res.users.pass.history' inverse_name='user_id' readonly=True string='Password History'
  • password_write_date Datetime
    default=fields.Datetime.now readonly=True args: 'Last password update'
Public methods (5)
  • action_expire_password(self)
    @api.multi
  • check_password(self, password)
    @api.multi
  • create(self, vals)
    @api.model
  • password_match_message(self)
    @api.multi
  • write(self, vals)
    @api.multi

New fields (3)
  • date Datetime
    default=<expr> index=True
  • password_crypt Char
    string='Encrypted Password'
  • user_id Many2one → res.users
    comodel_name='res.users' index=True ondelete='cascade' string='User'
Public methods (0)

No public methods.

STATUS
STATUSOpen migration PR - not merged yet for this version
REPOSITORY
REPOSITORYOCA/server-auth
PULL REQUEST
PULL REQUEST[19.0][MIG] password_security: Migration from 18.0 to 19.0 (#910)