Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#34 Password Strength

None
open
Mirko
None
5
2012-12-31
2011-01-05
Mirko
No

Add a Password Strength indicator,

Discussion

  • mark tomlinson
    mark tomlinson
    2011-02-15

    How does this sound as a basic algorithm?

    Password Strength Algorithm:

    Password Length:
    5 Points: Less than 4 characters
    10 Points: 5 to 7 characters
    25 Points: 8 or more

    Letters:
    0 Points: No letters
    10 Points: Letters are all lower case
    20 Points: Letters are upper case and lower case

    Numbers:
    0 Points: No numbers
    10 Points: 1 number
    20 Points: 3 or more numbers

    Characters:
    0 Points: No characters
    10 Points: 1 character
    25 Points: More than 1 character

    Bonus:
    2 Points: Letters and numbers
    3 Points: Letters, numbers, and characters
    5 Points: Mixed case letters, numbers, and characters

    Password Text Range:

    >= 90: Very Secure
    >= 80: Secure
    >= 70: Very Strong
    >= 60: Strong
    >= 50: Average
    >= 25: Weak
    >= 0: Very Weak

     
  • Mirko
    Mirko
    2011-02-18

    Good idea, I also find this project https://sourceforge.net/projects/jptapi/ on Sourceforge may be we can integrate this.

    Mirko

     
  • Mirko
    Mirko
    2011-02-21

    I've tryed http://justwild.us/examples/password/ and it works fine, it have a function that return a boolean value True if it is enough streight or False if it isn't and give back this information:

    true
    very strong - 79
    12 points for length (15)
    1 point for a lower case character
    5 point for an upper case character
    5 points for a number
    2 points for at least two numbers
    3 points for at least three numbers
    5 points for a special character
    5 points for at least two special characters
    2 combo points for upper and lower letters
    2 combo points for letters and numbers
    2 combo points for letters, numbers and special chars
    2 combo points for upper and lower case letters, numbers and special chars

    I think we can use this.

    Mirko

     
  • Mirko
    Mirko
    2011-03-02

    • assigned_to: nobody --> banzaay
     
  • Mirko
    Mirko
    2011-03-30

    I found an interesting article (http://pthree.org/2011/03/07/strong-passwords-need-entropy/) about Password Entropy.
    We can also add this information to the Password Streight indicator.

    Extract from the article:
    Any message contains some amount of entropy, and we can measure that entropy in binary bits. The formula for calculating this entropy is:

    H = L * log_2(N)

    H is the size of the message measured in binary bits. L is the length of the message- in our case, the length of your password. log_2() is the log function, base 2, and N is the number of possible symbols in the password (only lowercase letters provide 26 possible characters, uppercase provide an additional 26 possible characters, the digits provide 10 possible characters and punctuation provides 32 possible characters on an United States English keyboard). I rewrote the equation, so you could find it using your calculator:

    H = L * log(N) / log(2)

    Having this formula makes calculating the entropy of passwords straight forward. Here are some examples:

    * password: 38 bits (8 * log_2(26)
    * RedSox: 34 bits (6 * log_2(52))
    * B1gbRother|$alw4ysriGHt!?: 164 bits (26 * log_2(94))
    * deer2010: 41 bits (8 * log_2(36))
    * l33th4x0r: 46 bits (9 * log_2(36))
    * !Aaron08071999Keri|: 131 bits (28 * log_2(94))
    * PassWord: 46 bits (8 * log_2(52))
    * 4pRte!aii@3: 78 bits (12 * log_2(94))

     
  • Charles McCann
    Charles McCann
    2012-12-31

    • summary: Password Streight --> Password Strength
    • Description has changed:

    Diff:

    --- old
    +++ new
    @@ -1 +1 @@
    -Add a Password Streight indicator,
    +Add a Password Strength indicator,
    
    • milestone: -->