public Strength measure(String password) { return measure(password, null); }
public JavaPortTest(String password) { this.password = password; zxcvbn = new Zxcvbn(); }
public static int judgePasswordStrengthUsingZxcvbnAlgorithm( final Configuration configuration, final String password ) { final Zxcvbn zxcvbn = new Zxcvbn(); final Strength strength = zxcvbn.measure( password ); final int zxcvbnScore = strength.getScore(); // zxcvbn returns a score of 0-4 (see: https://github.com/dropbox/zxcvbn) switch ( zxcvbnScore ) { case 4: return Integer.parseInt( configuration.readAppProperty( AppProperty.PASSWORD_STRENGTH_THRESHOLD_VERY_STRONG ) ); case 3: return Integer.parseInt( configuration.readAppProperty( AppProperty.PASSWORD_STRENGTH_THRESHOLD_STRONG ) ); case 2: return Integer.parseInt( configuration.readAppProperty( AppProperty.PASSWORD_STRENGTH_THRESHOLD_GOOD ) ); case 1: return Integer.parseInt( configuration.readAppProperty( AppProperty.PASSWORD_STRENGTH_THRESHOLD_WEAK ) ); default: return Integer.parseInt( configuration.readAppProperty( AppProperty.PASSWORD_STRENGTH_THRESHOLD_VERY_WEAK ) ); } }
public Strength measure(String password, List<String> sanitizedInputs) { if (password == null) { throw new IllegalArgumentException("Password is null."); } List<String> lowerSanitizedInputs; if (sanitizedInputs != null && !sanitizedInputs.isEmpty()) { lowerSanitizedInputs = new ArrayList<>(sanitizedInputs.size()); for (String sanitizedInput : sanitizedInputs) { lowerSanitizedInputs.add(sanitizedInput.toLowerCase()); } } else { lowerSanitizedInputs = Collections.emptyList(); } long start = time(); Matching matching = createMatching(lowerSanitizedInputs); List<Match> matches = matching.omnimatch(password); Strength strength = Scoring.mostGuessableMatchSequence(password, matches); strength.setCalcTime(time() - start); AttackTimes attackTimes = TimeEstimates.estimateAttackTimes(strength.getGuesses()); strength.setCrackTimeSeconds(attackTimes.getCrackTimeSeconds()); strength.setCrackTimesDisplay(attackTimes.getCrackTimesDisplay()); strength.setScore(attackTimes.getScore()); strength.setFeedback(Feedback.getFeedback(strength.getScore(), strength.getSequence())); return strength; }
public Strength measure(String password, List<String> sanitizedInputs) { if (password == null) { throw new IllegalArgumentException("Password is null."); } List<String> lowerSanitizedInputs; if (sanitizedInputs != null && !sanitizedInputs.isEmpty()) { lowerSanitizedInputs = new ArrayList<>(sanitizedInputs.size()); for (String sanitizedInput : sanitizedInputs) { lowerSanitizedInputs.add(sanitizedInput.toLowerCase()); } } else { lowerSanitizedInputs = Collections.emptyList(); } long start = time(); Matching matching = createMatching(lowerSanitizedInputs); List<Match> matches = matching.omnimatch(password); Strength strength = Scoring.mostGuessableMatchSequence(password, matches); strength.setCalcTime(time() - start); AttackTimes attackTimes = TimeEstimates.estimateAttackTimes(strength.getGuesses()); strength.setCrackTimeSeconds(attackTimes.getCrackTimeSeconds()); strength.setCrackTimesDisplay(attackTimes.getCrackTimesDisplay()); strength.setScore(attackTimes.getScore()); strength.setFeedback(Feedback.getFeedback(strength.getScore(), strength.getSequence())); return strength; }
@Test public void testJapaneseWarning() { Zxcvbn zxcvbn = new Zxcvbn(); Strength strength = zxcvbn.measure(password); Feedback feedback = strength.getFeedback(); ResourceBundle resourceBundle = ResourceBundle.getBundle("com/nulabinc/zxcvbn/messages", Locale.JAPANESE); String expectedWarningL10n = expectedWarning.length() > 0 ? resourceBundle.getString(expectedWarning) : ""; Assert.assertEquals("Unexpected warning", expectedWarningL10n, feedback.getWarning(Locale.JAPANESE)); }
public Strength measure(String password) { return measure(password, null); }
@Test public void testSuggestions() { Zxcvbn zxcvbn = new Zxcvbn(); Strength strength = zxcvbn.measure(password); Feedback feedback = strength.getFeedback(); ResourceBundle resourceBundle = ResourceBundle.getBundle("com/nulabinc/zxcvbn/messages", Locale.ROOT); String[] expectedSuggestionsL10n = new String[expectedSuggestions.length]; for (int i = 0; i < expectedSuggestions.length; i++) { String expectedSuggestion = expectedSuggestions[i]; expectedSuggestionsL10n[i] = resourceBundle.getString(expectedSuggestion); } Assert.assertArrayEquals("Unexpected suggestions", expectedSuggestionsL10n, feedback.getSuggestions(Locale.ENGLISH).toArray()); }
public Strength getScore(final String password) { if(StringUtils.isEmpty(password)) { return Strength.veryweak; } else { final int score = zxcvbn.measure(password, Collections.singletonList( PreferencesFactory.get().getProperty("application.name"))).getScore(); switch(score) { case 0: return Strength.veryweak; case 1: return Strength.weak; case 2: return Strength.fair; case 3: return Strength.strong; case 4: default: return Strength.verystrong; } } }
@Test public void testJapaneseSuggestions() { Zxcvbn zxcvbn = new Zxcvbn(); Strength strength = zxcvbn.measure(password); Feedback feedback = strength.getFeedback(); ResourceBundle resourceBundle = ResourceBundle.getBundle("com/nulabinc/zxcvbn/messages", Locale.JAPANESE); String[] expectedSuggestionsL10n = new String[expectedSuggestions.length]; for (int i = 0; i < expectedSuggestions.length; i++) { String expectedSuggestion = expectedSuggestions[i]; expectedSuggestionsL10n[i] = resourceBundle.getString(expectedSuggestion); } Assert.assertArrayEquals("Unexpected suggestions", expectedSuggestionsL10n, feedback.getSuggestions(Locale.JAPANESE).toArray()); }
@Test public void testMeasure() throws Exception { // add password to the engine scope engine.put("pwd", password); @SuppressWarnings("unchecked") Map<String, Object> result = (Map<String, Object>) engine.eval("zxcvbn(pwd);"); Object score = result.get("score"); int jsScore; // nashorn returns int, rhino returns double if (score instanceof Double) { jsScore = ((Double) score).intValue(); } else { jsScore = (int) score; } int javaScore = zxcvbn.measure(password).getScore(); Assert.assertEquals("Password score difference for " + password, jsScore, javaScore); }
@Test public void testWarning() { Zxcvbn zxcvbn = new Zxcvbn(); Strength strength = zxcvbn.measure(password); Feedback feedback = strength.getFeedback(); ResourceBundle resourceBundle = ResourceBundle.getBundle("com/nulabinc/zxcvbn/messages", Locale.ROOT); String expectedWarningL10n = expectedWarning.length() > 0 ? resourceBundle.getString(expectedWarning) : ""; Assert.assertEquals("Unexpected warning", expectedWarningL10n, feedback.getWarning(Locale.ENGLISH)); }
@Test public void testUnknownSuggestions() { Zxcvbn zxcvbn = new Zxcvbn(); Strength strength = zxcvbn.measure(password); Feedback feedback = strength.getFeedback().withResourceBundle(null); Assert.assertArrayEquals("Unexpected suggestions", expectedSuggestions, feedback.getSuggestions().toArray()); }