zxcvbn 0.1.1 → 0.1.6
- checksums.yaml +4 -4
- data/.rubocop.yml +34 -2
- data/.travis.yml +1 -1
- data/CHANGELOG.md +11 -1
- data/Gemfile +9 -4
- data/Gemfile.lock +26 -1
- data/README.md +45 -37
- data/bin/console +5 -2
- data/lib/zxcvbn.rb +17 -9
- data/lib/zxcvbn/adjacency_graphs.rb +50 -46
- data/lib/zxcvbn/feedback.rb +68 -70
- data/lib/zxcvbn/frequency_lists.rb +9 -7
- data/lib/zxcvbn/matching.rb +232 -249
- data/lib/zxcvbn/scoring.rb +153 -167
- data/lib/zxcvbn/time_estimates.rb +18 -20
- data/lib/zxcvbn/version.rb +1 -1
- data/zxcvbn.gemspec +2 -2
- metadata +9 -8
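--- a/data/lib/zxcvbn/time_estimates.rb
+++ b/data/lib/zxcvbn/time_estimates.rb
@@ -4,41 +4,41 @@ module Zxcvbn
 module TimeEstimates
 def self.estimate_attack_times(guesses)
 crack_times_seconds = {
-online_throttling_100_per_hour
-online_no_throttling_10_per_second
-offline_slow_hashing_1e4_per_second
-offline_fast_hashing_1e10_per_second
+"online_throttling_100_per_hour" => guesses / (100.0 / 3600.0),
+"online_no_throttling_10_per_second" => guesses / 10.0,
+"offline_slow_hashing_1e4_per_second" => guesses / 1e4,
+"offline_fast_hashing_1e10_per_second" => guesses / 1e10
 }
-crack_times_display = {}
+crack_times_display = {}
 crack_times_seconds.each do |scenario, seconds|
 crack_times_display[scenario] = display_time(seconds)
 end
 
-
-crack_times_seconds
-crack_times_display
-score
+{
+"crack_times_seconds" => crack_times_seconds,
+"crack_times_display" => crack_times_display,
+"score" => guesses_to_score(guesses)
 }
 end
 
 def self.guesses_to_score(guesses)
-delta = 5
+delta = 5
 if guesses < 1e3 + delta
 # risky password: "too guessable"
-
+0
 elsif guesses < 1e6 + delta
 # modest protection from throttled online attacks: "very guessable"
-
+1
 elsif guesses < 1e8 + delta
 # modest protection from unthrottled online attacks: "somewhat guessable"
-
+2
 elsif guesses < 1e10 + delta
 # modest protection from offline attacks: "safely unguessable"
 # assuming a salted, slow hash function like bcrypt, scrypt, PBKDF2, argon, etc
-
+3
 else
 # strong protection from offline attacks under same scenario: "very unguessable"
-
+4
 end
 end
 
@@ -50,7 +50,7 @@ module Zxcvbn
 year = month * 12
 century = year * 100
 display_num, display_str = if seconds < 1
-[nil,
+[nil, "less than a second"]
 elsif seconds < minute
 base = seconds.round
 [base, "#{base} second"]
@@ -70,11 +70,9 @@ module Zxcvbn
 base = (seconds / year).round
 [base, "#{base} year"]
 else
-[nil,
-end
-if display_num && display_num != 1
-display_str += 's'
+[nil, "centuries"]
 end
+display_str += "s" if display_num && display_num != 1
 display_str
 end
 end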
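Review bot: `guesses_to_score` in the first hunk falls through to its `else` branch, the strongest rating, for any value that fails all four `<` comparisons, so a `guesses` of `Float::NAN` is scored 4. The final `else` of `display_time` presumably reports "centuries" for the same input, though that method starts outside the visible hunks. Whether the scoring code can ever produce NaN is not visible on this page, but a strength meter should fail closed, so I would add `raise ArgumentError, "guesses must be a number" if guesses.respond_to?(:nan?) && guesses.nan?` as the first line of `guesses_to_score` (or return 0 there if raising is unwanted). A short comment above the `1e3`/`1e6`/`1e8`/`1e10` thresholds saying that scores 3 and 4 assume a salted, slow hash would also point callers who store passwords with a fast hash to the `offline_fast_hashing_1e10_per_second` entry instead of the score.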
data/lib/zxcvbn/version.rb
CHANGED
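--- a/data/zxcvbn.gemspec
+++ b/data/zxcvbn.gemspec
@@ -9,10 +9,10 @@ Gem::Specification.new do |spec|
 spec.email = ["formigarafa@gmail.com"]
 
 spec.summary = ""
-spec.description = "Ruby port of Dropbox's zxcvbn.js"
+spec.description = "100% native Ruby 100% compatible port of Dropbox's zxcvbn.js"
 spec.homepage = "http://github.com/formigarafa/zxcvbn-rb"
 spec.license = "MIT"
-spec.required_ruby_version = Gem::Requirement.new(">= 2.
+spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
 spec.metadata["homepage_uri"] = spec.homepage
 spec.metadata["source_code_uri"] = spec.homepage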
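Review bot: `spec.homepage` is still a plain `http://` URL, and the two `spec.metadata` lines at the end of this hunk copy it into `homepage_uri` and `source_code_uri`, so every link the gem publishes for locating its source begins with an unencrypted request. Since this release already edits the gemspec, I would change it to `spec.homepage = "https://github.com/formigarafa/zxcvbn-rb"`. The `Gem::Specification.new` block starts and ends outside the hunk, so any other URL set there should be checked the same way.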
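--- a/metadata
+++ b/metadata
@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: zxcvbn
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.6
 platform: ruby
 authors:
 - Rafael Santos
-autorequire:
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-05-
+date: 2021-05-28 00:00:00.000000000 Z
 dependencies: []
-description: Ruby port of Dropbox's zxcvbn.js
+description: 100% native Ruby 100% compatible port of Dropbox's zxcvbn.js
 email:
 - formigarafa@gmail.com
 executables: []
@@ -46,7 +46,7 @@ metadata:
 homepage_uri: http://github.com/formigarafa/zxcvbn-rb
 source_code_uri: http://github.com/formigarafa/zxcvbn-rb
 changelog_uri: http://github.com/formigarafa/zxcvbn-rb/blob/HEAD/CHANGELOG.md
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -54,15 +54,16 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-
+rubyforge_project:
+rubygems_version: 2.7.6.3
+signing_key:
 specification_version: 4
 summary: ''
 test_files: []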