Giter VIP home page Giter VIP logo

passwdqc-js's Introduction

Passwdqc-js

About

The passwdqc is the brilliant password quality checker library made by Openwall. Passwdqc-js is a JavaScript port of passwdqc, made by Parallels. Passwdqc-js supports AMD and NodeJS/CommonJS module format. So it runs on both client and server.

Demo page (Limited functionality)

http://doc.apsstandard.org/7.2/apsfiddle/?file=7.2/_static/examples/password/calcStrength.html

Compatibilty with Passwdqc

Passwdqc-js was tested for compatibility with original passwdqc. We used following password databases in order to guarantee that both accept nearly the same subset of passwords:

  • 14M unique RockYou passwords from 2009 leak (99.99% match with passwdqc)
  • 10K random 10-character symbolic passwords (100% match with passwdqc)
  • 10K random pass phrases, generated by passwdqc/pwqgen (100% match with passwdqc)

Usage

Use passwdqc.check(newpass, [oldpass], [login], [gecos], [params]) function to check password quality.

Parameters

  • newpass: password to check
  • oldpass: old password to check if new password is based on it
  • login: user's login name to check that password is not based on it
  • gecos: any other personal information to check
  • params: custom parameters for passwdqc algorithm, see

Return value

  • Empty string if password is considered good;
  • The reason why password is considered weak, otherwise.

Examples

NodeJS

var passwdqc = require('passwdqc');

var rv = passwdqc.check(password, old_password);

if (!rv) {
	// Password is of good quality
	// ...
} else {
	// The "rv" now contains reason why password considered weak
}

Client-Side

// Declare security policy
var lowParams	 = { min: [6,  6,  6, 6, 6], max: 40, passphrase_words: 3, match_length: 4, similar_deny: 1, random_bits: 47, flags: 3, retry: 3 },
	mediumParams = { min: [8,  8,  8, 7, 6], max: 40, passphrase_words: 3, match_length: 4, similar_deny: 1, random_bits: 47, flags: 3, retry: 3 };

// Checking value
function check(val){
    if(val.length == 0) return 0;
    if(!passwdqc_check(val)) return 4;
    if(!passwdqc_check(val, undefined, undefined, undefined, mediumParams)) return 3;
    if(!passwdqc_check(val, undefined, undefined, undefined, lowParams)) return 2;
    return 1;
}

Live full example

Distribution

NPM

npm install passwdqc

Bower More info about Bower

bower install passwdqc

TODO

  • More examples
  • Random password/passphrase generator

passwdqc-js's People

Contributors

adedov avatar ancyker avatar burashka avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.