unicodeveloper / laravel-password Goto Github PK

Hey there,

Thanks for this package, it's great :)

I'm just wondering, why do you need to flip the array of dumb passwords? No scientific measures here, but this operation seems to be kind of memory intensive and take a bit of time to run. It is causing some of my tests in a project to fail due to running out of memory.

If I remove it, everything still seems to work as expected, and run a bit faster and use less memory.

Let me know. I'd be happy to submit a PR to remove it.

Thanks! 😄

Hi @unicodeveloper

I want to contribute to this project a bit more to get my feet wet with open source projects and seems like this one is the perfect starting point for me. I'm thinking we can do a refactor on this to separate the logic for parsing and searching the file to it's own class. What do you think? Overkill? Also was looking at maybe writing out some tests.

Just wanting feedback before I start working on it :)

Thanks,
Shaun

I'm thinking of making a password package and just came across yours.

Aside from checking the common 10k passwords I had this in mind:

• Making the password list localizable
• Speed up common password checking (3s is not acceptable IMO)
• Checking unicode password lengths like 💩💀 equals 2 and not 4
• Checks for common patterns like: dates, repeats (aaa), sequences (abcd), and qwerty patterns

Let me know if you're interesting in me extending this package or if I should make a separate one.

Caching the bad passwords list in the default Laravel migration for the cache table using MySQL (text with maximum length of 65k characters) is to big and crops the end of list which causes a decryption error "The payload is invalid." next time someone tries to change their password.