# hardpass [![npm][npm-image]][npm-url] [![CircleCI][circleci-image]][circleci-url]
[npm-image]: https://img.shields.io/npm/v/hardpass.svg
[npm-url]: https://npmjs.org/package/hardpass
[circleci-image]: https://circleci.com/gh/akrawchyk/hardpass.svg?style=shield
[circleci-url]: https://circleci.com/gh/akrawchyk/hardpass
Lightweight password strength checker that enforces a strong password policy.
## features
* [\>99% smaller than zxcvbn](#motivation): just 2.0K gzipped, 4.8K minified, 8.7K uncompressed
* Feedback messages for weak passwords
* Familiar API
* Easy to [use with React](https://github.com/akrawchyk/react-use-hardpass)
## install
```shell
npm install hardpass --save
# or with yarn
yarn add hardpass
```
## usage
```js
const hardpass = require('hardpass');
hardpass('qwerty123');
/*
{
score: 0,
feedback: {
warning: 'Not complex enough',
suggestions: [
'Try adding at least 1 upper case character',
'Try adding at least 1 special character',
'Must be at least 10 characters long'
]
}
}
*/
hardpass('Cm;cF*1f5L');
/*
{
score: 4
}
*/
```
## policy
Inspired by [OWASP Proper Password Strenth Controls][owasp-url].
[owasp-url]: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Authentication_Cheat_Sheet.md#implement-proper-password-strength-controls
### implemented
* Password length
* at least 10 characters
* at most 128 characters
* Password complexity
* at least 3 of:
* at least 1 uppercase character (A-Z)
* at least 1 lowercase character (a-z)
* at least 1 digit (0-9)
* at least 1 special character (punctuation) — ` !"#$%&'()*+,-./:;<=>?@[\\\]^_\`{|}~`
* not more than 2 identical characters in a row (e.g., 111 not allowed)
* Password topologies
* [Ban commonly used password topologies][korelogic-url]
* Feedback messages
[korelogic-url]: https://blog.korelogic.com/blog/2014/04/04/pathwell_topologies
### planned
* Configurable feedback messages
* Configurable password dictionaries
## motivation
> zxcvbn.js bundled and minified is about 400kB gzipped or 820kB uncompressed, most of which is dictionaries.<sup>\[[link][zxcvbn-quote-url]\]</sup>
We can eliminate the majority of weak passwords by enforcing baseline recommended
security policies for strong passwords.
We can prune common password dictionaries to reduce their footprint as well, and
provide different configurations for file-size tradeoffs.
[zxcvbn-quote-url]: https://github.com/dropbox/zxcvbn#script-load-latency
## license
[MIT © Andrew Krawchyk][license-url]
[license-url]: https://github.com/akrawchyk/hardpass/blob/master/LICENSE.md
没有合适的资源?快使用搜索试试~ 我知道了~
执行强密码策略的轻量级密码强度检查器。_TypeSc.zip
共17个文件
ts:6个
json:3个
js:3个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 49 浏览量
2023-04-15
09:58:00
上传
评论
收藏 49KB ZIP 举报
温馨提示
执行强密码策略的轻量级密码强度检查器。_TypeSc.zip
资源推荐
资源详情
资源评论
收起资源包目录
执行强密码策略的轻量级密码强度检查器。_TypeSc.zip (17个子文件)
hardpass-master
LICENSE.md 1KB
.circleci
config.yml 505B
src
hardpass
types.d.ts 357B
index.ts 6KB
index.ts 107B
package.json 1KB
rollup.config.js 998B
package-lock.json 164KB
CODE_OF_CONDUCT.md 3KB
prettier.config.js 60B
test
hardpass
index.ts 3KB
typings
package.json.d.ts 59B
declarations.d.ts 26B
.gitignore 40B
tsconfig.json 451B
README.md 3KB
ava.config.js 125B
共 17 条
- 1
资源评论
快撑死的鱼
- 粉丝: 1w+
- 资源: 9152
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功