Does anyone happen to have Good(ish) password strength calculation algorithm to share. No need for Über good (With common words) but something to give user some feedback is the password good or not and possibly block the weakest ones.
A podcasting friend of mine Bart Busschots created the website xkpasswd.net - XKPasswd - Secure Memorable Passwords and has provided all the perl modules for it as open source. Maybe you can find something in there, since I'm pretty sure I've seen some entropy calculation routines in there in the past.
try search user password in google, if you found any result then password is weak ;-)
ReplyDeleteYou can also use Have I Been Pwned API (or download the whole password db locally) https://haveibeenpwned.com/API/v2
ReplyDeletehaveibeenpwned.com - Have I Been Pwned: API v2
A podcasting friend of mine Bart Busschots created the website xkpasswd.net - XKPasswd - Secure Memorable Passwords and has provided all the perl modules for it as open source. Maybe you can find something in there, since I'm pretty sure I've seen some entropy calculation routines in there in the past.
ReplyDelete