README.md
Overview
A password-strength tester based off of the OWASP Guidelines for enforcing secure passwords.
Usage
Input
| Parameter | Description |
|---|---|
| password | Password or passphrase to validate |
| min_length | (Optional) Minimum password length, default is 10 |
| max_length | (Optional) Maximum password length, default is 128 |
Output
| Parameter | Description |
|---|---|
| errors | An array of English human-readable error strings |
| failed_tests | An array of numeric test indexes for failed tests, [0-6] |
| passed_tests | An array of numeric test indexes for passed tests, [0-6] |
| required_test_errors | The subset of errors coming from required tests |
| optional_test_errors | The subset of errors coming from optional tests |
| is_passphrase | A boolean indicating whether or not the password was considered to be a passphrase |
| strong | A boolean indicating whether or not the user's password satisfied the strength requirements |
| optional_tests_passed | A number indicating how many of the optional tests were passed. In order for the password to be considered "strong", it must either be a passphrase, or must pass four optional tests |
Examples
Strong passphrase input:
{
"password": "correct horse battery staple"
}
Output:
{
"errors":[],
"failed_tests":[],
"is_passphrase":true,
"optional_test_errors":[],
"optional_tests_passed":0,
"passed_tests":[0, 1, 2],
"required_test_errors":[],
"strong":true
}
Weak password input:
{
"password": "12345",
"min_length": 5
}
Output:
{
"errors":[
"The password must contain at least one lowercase letter.",
"The password must contain at least one uppercase letter.",
"The password must contain at least one special character."
],
"failed_tests":[3, 4, 6],
"is_passphrase":false,
"optional_test_errors":[
"The password must contain at least one lowercase letter.",
"The password must contain at least one uppercase letter.",
"The password must contain at least one special character."
],
"optional_tests_passed":1,
"passed_tests":[0, 1, 2, 5],
"required_test_errors":[],
"strong":false
}
Contents