| Copyright | This file is part of the package zxcvbn-hs. It is subject to the license terms in the LICENSE file found in the top-level directory of this distribution and at: https://code.devalot.com/sthenauth/zxcvbn-hs No part of this package including this file may be copied modified propagated or distributed except according to the terms contained in the LICENSE file. |
|---|---|
| License | MIT |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Text.Password.Strength
Description
This is a native Haskell implementation of the zxcvbn password strength estimation algorithm as it appears in the 2016 USENIX Security paper and presentation (with some small modifications).
Estimating Guesses
Arguments
| :: Config | Which dictionaries, keyboards, etc. to use. |
| -> Day | Reference day for date matches (should be current day). |
| -> Text | The password to score. |
| -> Score | Estimate. |
Estimate the number of guesses an attacker would need to make to crack the given password.
A score is an estimate of the number of guesses it would take to crack a password.
Calculating Password Strength
Measurement of password strength.
Constructors
| Risky | Too guessable: risky password. (guesses < \(10^{3}\)) |
| Weak | Very guessable: protection from throttled online attacks. (guesses < \(10^{6}\)) |
| Moderate | Somewhat guessable: protection from unthrottled online attacks. (guesses < \(10^{8}\)) |
| Safe | Safely unguessable: moderate protection from offline slow-hash scenario. (guesses < \(10^{10}\)) |
| Strong | Very unguessable: strong protection from offline slow-hash scenario. (guesses >= \(10^{10}\)) |
Instances
| Bounded Strength Source # | |
| Enum Strength Source # | |
Defined in Text.Password.Strength | |
| Read Strength Source # | |
| Show Strength Source # | |
| Eq Strength Source # | |
| Ord Strength Source # | |
Defined in Text.Password.Strength | |