We use cookies to improve your experience. No personal information is gathered and we don't serve ads. Cookies Policy.

ExpressionEngine
Log In Sign Up
default app icon

Rotate

By tripleNERDscore
Security

Description

Force members to rotate their passwords on a regular basis, right in your EE site!

Enforce Smart Password Rotation in ExpressionEngine

Security should not be optional. With Rotate, you can require members to update their passwords on a schedule, prevent password reuse, and maintain stronger security standards across your ExpressionEngine site, all without disrupting the user experience.

Whether you manage internal teams, client portals, or high-value member accounts, Rotate gives you simple, centralized control over password hygiene.

Why Rotate?

Strong passwords are only effective if they stay strong.

Rotate helps you:

  • Enforce password expiration (e.g., every 90 days)
  • Prevent members from reusing old passwords
  • Force organization-wide resets when needed
  • Maintain security compliance requirements
  • Reduce risk from stale credentials

No complicated configuration. No external services. Just native ExpressionEngine integration.

Key Features

Scheduled Password Expiration

Set the number of days before a password must be reset. Rotate automatically checks expiration at login and during Control Panel activity.

Password Reuse Protection

Prevent members from recycling old passwords. Rotate tracks previous passwords securely using bcrypt and ensures each new password is truly new.

Full CP Enforcement

Members cannot bypass the reset requirement. Rotate uses native EE hooks to enforce expiration across all Control Panel pages until the password is changed.

Force-All Reset via CLI

Need to trigger a company-wide reset?

Run:

php eecli.php rotate:force-all

All members will be required to reset their password on next login. Safe to run multiple times.

Custom Redirects

Send users to a custom password reset page, or use the default EE profile screen. Your workflow, your choice.

How It Works

Rotate integrates directly into the login process and session lifecycle.

  • On login, it checks expiration and password history.
  • On Control Panel page load, it ensures users cannot navigate away from the reset process.
  • Password reuse detection happens securely using password_verify() against stored hashes.

The result: seamless enforcement without breaking normal workflows.

Built for Real-World Teams

Rotate is ideal for:

  • Agencies managing client access
  • Organizations with compliance requirements
  • Membership sites with elevated security needs
  • Companies enforcing internal security policies

If security matters, Rotate should be part of your ExpressionEngine stack.

Backed by tripleNERDscore

Rotate is built and supported by tripleNERDscore, the team behind high-quality ExpressionEngine add-ons and enterprise web solutions.

Information
Version 1.0.0
Last Update 3 weeks ago
Compatibility EE 7
License Commercial
Links
ExpressionEngine Home Features Pro Contact Version Support
Learn Docs University Forums
Resources Support Add-Ons Partners Blog
Privacy Terms Trademark Use License

Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.