lunes, 29 de junio de 2020

Checking Password Strength in 10 Lines

Talking about dependencies, there's this simple case:

To check password strength, we want different min lenghts for passwords depending if they have lower, upper, numbers, and simbols.

For this, there's passwdqc that allows you to do it in a very simple way,  but, do you really need a library?
Here's the minimalistic implementation I came up with, which I think is pretty decent, and again, has some nice property I can't quite describe.  The code is lua, but it can of course be translated to anything.

It has minimum lenghts for the passwords depending on the amount of different classes of characters it contains. If it only contains 1 type, we don't accept. for 2, minimum length 24,....
   local str ='*l')
   local d = str:match("[0-9]") and 1 or 0
   local down = str:match("[a-z]") and 1 or 0
   local up = str:match("[A-Z]") and 1 or 0
   local s = str:match("[!@#$^&*()_=+-]") and 1 or 0
   local l = #str
   local defs = {math.huge, 24, 11, 9}

No hay comentarios: