zxcvbn-hs-0.2.0.0: Password strength estimation based on zxcvbn.

CopyrightThis file is part of the package zxcvbn-hs. It is subject to the
license terms in the LICENSE file found in the top-level directory
of this distribution and at:

https://code.devalot.com/sthenauth/zxcvbn-hs

No part of this package including this file may be copied
modified propagated or distributed except according to the terms
contained in the LICENSE file.
LicenseMIT
Safe HaskellNone
LanguageHaskell2010

Text.Password.Strength

Contents

Description

This is a native Haskell implementation of the zxcvbn password strength estimation algorithm as it appears in the 2016 USENIX Security paper and presentation (with some small modifications).

Synopsis

Estimating Guesses

score Source #

Arguments

:: Config

Which dictionaries, keyboards, etc. to use.

-> Day

Reference day for date matches (should be current day).

-> Text

The password to score.

-> Score

Estimate.

Estimate the number of guesses an attacker would need to make to crack the given password.

newtype Score Source #

A score is an estimate of the number of guesses it would take to crack a password.

Constructors

Score 

Fields

Instances
Eq Score Source # 
Instance details

Defined in Text.Password.Strength.Internal.Search

Methods

(==) :: Score -> Score -> Bool #

(/=) :: Score -> Score -> Bool #

Ord Score Source # 
Instance details

Defined in Text.Password.Strength.Internal.Search

Methods

compare :: Score -> Score -> Ordering #

(<) :: Score -> Score -> Bool #

(<=) :: Score -> Score -> Bool #

(>) :: Score -> Score -> Bool #

(>=) :: Score -> Score -> Bool #

max :: Score -> Score -> Score #

min :: Score -> Score -> Score #

Show Score Source # 
Instance details

Defined in Text.Password.Strength.Internal.Search

Methods

showsPrec :: Int -> Score -> ShowS #

show :: Score -> String #

showList :: [Score] -> ShowS #

Calculating Password Strength

strength :: Score -> Strength Source #

Calculate the strength of a password given its score.

data Strength Source #

Measurement of password strength.

Constructors

Risky

Too guessable: risky password. (guesses < \(10^{3}\))

Weak

Very guessable: protection from throttled online attacks. (guesses < \(10^{6}\))

Moderate

Somewhat guessable: protection from unthrottled online attacks. (guesses < \(10^{8}\))

Safe

Safely unguessable: moderate protection from offline slow-hash scenario. (guesses < \(10^{10}\))

Strong

Very unguessable: strong protection from offline slow-hash scenario. (guesses >= \(10^{10}\))

Default Configuration

en_US :: Config Source #

Default configuration for US English.