stupid_password 0.0.1

data/README.md

@@ -0,0 +1,107 @@
+# Stupid Password
+
+    PasswordStupidityChecker.new.is_stupid? "alexander"
+     => "Is that a male name?"
+
+## Description
+
+Tell users their passwords are stupid and guessable.
+Save time on 'my password was stolen' support requests.
+
+## Synopsis
+
+    gem install stupid_password
+
+In Ruby:
+
+    require 'stupid_password'    
+
+    class PasswordStupidityChecker
+      include StupidPassword
+    end
+
+    PasswordStupidityChecker.new.is_stupid? "alexander"
+     => "Is that a male name?"
+
+If you're like to waste in namespace, you can include directly to String (which is highly not recommended):
+
+    String.send :include, StupidPassword
+
+    "valera".is_stupid?
+     => "Is that a male name?"
+
+## Contribute
+
+Fork, create topic branch, modify code, write tests, run tests, push, send me a pull request.
+
+Or, you can create a plugin and reference it on Wiki.
+Example plugin code:
+
+    class StupidPassword::Modifier::Reverse
+      def self.modify password
+        return 'reversed', password.reverse
+      end
+    end
+
+    PasswordStupidityChecker.new.is_stupid? "rednaxela"
+     => "Is that a reversed male name?"
+
+# Inspiration
+
+http://habrahabr.ru/post/113401/
+http://habrahabr.ru/post/132880/
+http://habrahabr.ru/post/138127/
+http://habrahabr.ru/post/138726/
+http://habrahabr.ru/post/145658/
+http://habrahabr.ru/post/147840/
+http://habrahabr.ru/company/abbyy/blog/149396/
+http://habrahabr.ru/post/80130/
+http://habrahabr.ru/post/2388/
+http://habrahabr.ru/post/75345/
+http://xato.net/passwords/more-top-worst-passwords/
+
+# Roadmap
+
+* Implement permutations
+* Use language specific dictionaries eg https://github.com/yohasebe/engtagger/blob/master/lib/engtagger/words.yml
+* Use aspell ffi-aspell
+* Allow configuration of which checks should (not) be run, i.e. "Spanish dictionary only", "limit permutations to 2 at once"
+* i18n for messages
+* Check compositions (with all modifier permutations), ie "alex1234"
+* Allow double checks ('monkey' => Is that an english word AND is it in top25 popular passwords?)
+* Implement benchmarks, refactor
+
+# Contributors
+
+...none yet
+
+# Links
+
+* [Code](https://github.com/pirj/stupid_password)
+* [Wiki](https://github.com/pirj/stupid_password/wiki)
+* [Author](https://github.com/pirj)
+
+## License
+
+(The MIT License)
+
+Copyright (c) 2012 Phil Pirozhkov
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/stupid_password.rb

@@ -0,0 +1,20 @@
+module StupidPassword
+
+  def is_stupid? password=self
+    StupidPassword::Base.constants.each do |clazz_name|
+      clazz = Base.const_get clazz_name
+      clazz.guess password
+    end
+
+    #TODO check with all permutations of modifiers
+
+    false # Probably not so stupid
+  rescue Stupid => guessed
+    "Is that a #{guessed.message}?"
+  end
+end
+
+require 'stupid_password/stupid'
+require 'stupid_password/version'
+require 'stupid_password/base'
+require 'stupid_password/modifier'

data/lib/stupid_password/base.rb

@@ -0,0 +1,17 @@
+module StupidPassword::Base
+end
+
+require 'stupid_password/base/name'
+require 'stupid_password/base/top10'
+
+# TODO:
+  # Sequence
+  # Date
+  # Band
+  # Mean
+  # Sport
+  # City
+  # State
+  # Country
+  # Word
+  # Site name

data/lib/stupid_password/base/name.rb

@@ -0,0 +1,9 @@
+class StupidPassword::Base::Name
+  MALE_NAMES = %w{alexander alex andrey andrew basil claire vladimir vasily}
+  FEMALE_NAMES = %w{alexandra vera nadejda lubov}
+
+  def self.guess password
+    raise StupidPassword::Stupid.new 'male name' if MALE_NAMES.include? password
+    raise StupidPassword::Stupid.new 'female name' if FEMALE_NAMES.include? password
+  end
+end

data/lib/stupid_password/base/top10.rb

@@ -0,0 +1,93 @@
+#TODO
+
+#Myspace:
+# password1 
+# abc123 
+# myspace1 
+# password 
+# blink182 
+# qwerty1 
+# fuckyou 
+# 123abc 
+# baseball1 
+# football1 
+# 123456 
+# soccer 
+# monkey1 
+# liverpool1 
+# princess1 
+# jordan23 
+# slipknot1 
+# superman1
+# iloveyou1 
+# monkey
+
+#Yahoo:
+# 123456  1666  0.38%
+# password  780 0.18%
+# welcome 436 0.1%
+# ninja 333 0.08%
+# abc123  250 0.06%
+# 123456789 222 0.05%
+# 12345678  208 0.05%
+# sunshine  205 0.05%
+# princess  202 0.05%
+# qwerty
+
+# by SplashData:
+# password
+# 123456
+# 12345678
+# qwerty
+# abc123
+# monkey
+# 1234567
+# letmein
+# trustno1
+# dragon
+# baseball
+# 111111
+# iloveyou
+# master
+# sunshine
+# ashley
+# bailey
+# passw0rd
+# shadow
+# 123123
+# 654321
+# superman
+# qazwsx
+# michael
+# football
+
+#LinkedIn:
+# link
+# 1234
+# work
+# god
+# job
+# 12345
+# angel
+# the
+# ilove
+# sex
+# jesus
+# connect
+# fuck
+# monkey
+# 123456
+# master
+# bitch
+# dick
+# michael
+# jordan
+# dragon
+# killer
+# 654321
+# pepper
+# devil
+# princess
+# 1234567
+# iloveyou
+# carreer

data/lib/stupid_password/modifier.rb

@@ -0,0 +1,10 @@
+module StupidPassword::Modifier
+end
+
+require 'stupid_password/modifier/upcase'
+require 'stupid_password/modifier/downcase'
+require 'stupid_password/modifier/capitalize'
+
+# TODO
+# translit
+# keyboard layout

data/lib/stupid_password/modifier/capitalize.rb

@@ -0,0 +1,13 @@
+class StupidPassword::Modifier::Capitalize
+  def self.modify password
+    password.capitalize
+  end
+
+  def self.prefix
+    'capitalized'
+  end
+
+  def self.postfix
+    ''
+  end
+end

data/lib/stupid_password/modifier/downcase.rb

@@ -0,0 +1,13 @@
+class StupidPassword::Modifier::Downcase
+  def self.modify password
+    password.downcase
+  end
+
+  def self.prefix
+    ''
+  end
+
+  def self.postfix
+    'in lower case'
+  end
+end

data/lib/stupid_password/modifier/upcase.rb

@@ -0,0 +1,13 @@
+class StupidPassword::Modifier::Upcase
+  def self.modify password
+    password.downcase
+  end
+
+  def self.prefix
+    ''
+  end
+
+  def self.postfix
+    'in upper case'
+  end
+end

data/lib/stupid_password/stupid.rb

@@ -0,0 +1,2 @@
+class StupidPassword::Stupid < StandardError
+end

data/lib/stupid_password/version.rb

@@ -0,0 +1,3 @@
+module StupidPassword
+  VERSION = "0.0.1"
+end

data/spec/base_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper.rb'
+
+describe StupidPassword::Base do
+  it "detects names" do
+    'alexander'.is_stupid?.should eq "Is that a male name?"
+    'rnieciunm'.is_stupid?.should eq false
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'stupid_password'
+
+String.send :include, StupidPassword

data/stupid_password.gemspec

@@ -0,0 +1,20 @@
+require File.expand_path('../lib/stupid_password/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.name          = "stupid_password"
+  gem.version       = StupidPassword::VERSION
+  # gem.date          = ???
+  gem.summary       = "Stupid password detector"
+  gem.description   = "Tell users their passwords are stupid and guessable."
+
+  gem.homepage      = "http://github.com/pirj/stupid_password"
+  gem.authors       = ["Phil Pirozhkov"]
+
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {spec}/*`.split("\n")
+  gem.require_paths = ["lib"]
+
+  # gem.add_runtime_dependency 'ffi-aspell'
+
+  gem.add_development_dependency 'rspec', '~> 2.0'
+end

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: stupid_password
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Phil Pirozhkov
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-10-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: Tell users their passwords are stupid and guessable.
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/stupid_password.rb
+- lib/stupid_password/base.rb
+- lib/stupid_password/base/name.rb
+- lib/stupid_password/base/top10.rb
+- lib/stupid_password/modifier.rb
+- lib/stupid_password/modifier/capitalize.rb
+- lib/stupid_password/modifier/downcase.rb
+- lib/stupid_password/modifier/upcase.rb
+- lib/stupid_password/stupid.rb
+- lib/stupid_password/version.rb
+- spec/base_spec.rb
+- spec/spec_helper.rb
+- stupid_password.gemspec
+homepage: http://github.com/pirj/stupid_password
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Stupid password detector
+test_files: []