Blog Detail


Keep password history of your users with a Laravel Package cover image

Keep password history of your users with a Laravel Package

Laravel password history is a package by Iman Ghafoori that can keep a password history of your users to prevent them from reusing the same password, for security reasons like what google does.


You can install this package via composer by running this command.

composer require imanghafoori/laravel-password-history

To publish the config file and migrate the database:

php artisan vendor:publish
php artisan migrate

Visit the config/password_history.php file to see all the possibilities.


This package will observe the saved event of the models (which are mentioned in the config file) and record the password hashes automatically.

// When inserting, it will also log the password hash in the "password_histories" table

// Sample for changing the password
$user = User::find($id);
$passHash = Hash::make(request('new_password'));

$user->password = $passHash;
$user->save(); // after saving the model, the password change  will be recorded, automatically

We suggest using saveOrFail to do all the queries in a transaction


Be careful that changing the model like below does not fire any model event hence to password change would be recorded behind the scenes.

// Here we do NOT get the model from db and only send  an update query
// So laravel does NOT fire model events
User::where('id', $id)->update($data);

Validation Rules

And there is a validation rule for you to check the entire password history against the new password in laravel validation rules.

use Imanghafoori\PasswordHistory\Rules\NotBeInPasswordHistory;

$rules = [
    // ... 
    'password' => [
    // ... 


Again you may want to take a quick look at the source code on Github to see what is going on there.

Published at : 12-01-2022

Author : Rizwan Aslam
Rizwan Aslam

I am a highly results-driven professional with 12+ years of collective experience in the grounds of web application development especially in laravel, native android application development in java, and desktop application development in the dot net framework. Now managing a team of expert developers at Codebrisk.

Launch project