Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
password-benchmark
Advanced tools
password-benchmark
A JavaScript library that uses an advanced algorithm for estimating the quality/strength of passwords.
- 1.0.3
- npm
PasswordBenchmark
A JavaScript library that uses an advanced algorithm for estimating the quality/strength of passwords.
How to Use
For Browser
Add js script to your html file.
<script src="./PasswordBenchmark.js"></script>
<!-- [ optional ] list of about 10000 most common passwords, 86kb (gzip 32kb) -->
<script src="./MostPopularPasswords.js"></script>
Calculate the security quality of passwords.
PasswordBenchmark('you password here');
// return the security quality of passwords.
For Node.JS, Webpack...
First download from npm.
npm install --save password-benchmark
Import and initialize the library.
import PasswordBenchmark from 'password-benchmark';
// [ optional ] list of about 10000 most common passwords, 86kb (gzip 32kb)
import MostPopularPasswords from 'password-benchmark/dist/MostPopularPasswords'
// Load the popular passwords list
PasswordBenchmark.PopularPasswords.load(MostPopularPasswords)
Calculate the security quality of passwords.
PasswordBenchmark('you password here');
// return the security quality of passwords.
Algorithm from KeePass
KeePass uses an advanced algorithm for estimating the quality/strength of passwords. It searches for patterns, like e.g. popular passwords (based on a built-in list of about 10000 most common passwords; variations by upper-/lower-case and L33t substitutions are detected), repeated sequences, numbers (consisting of multiple digits), constant difference sequences, etc. For each pattern combination covering the whole password, the cost (number of bits required to encode the data and the order of the pattern identifiers) is calculated. For encoding pattern identifiers, an optimal static entropy encoder is used. Each single password character forms a pattern of length 1 and is encoded using a character space-dependent damped static entropy encoder. The minimum pattern combination cost is used as the final quality estimation.
Bits Strength 0-64 Very weak 64-80 Weak 80-112 Moderate 112-128 Strong ≥ 128 Very strong
FAQs
A JavaScript library that uses an advanced algorithm for estimating the quality/strength of passwords.
We found that password-benchmark demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 08 Jun 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024