{"id":17673629,"url":"https://github.com/codetheweb/zxcvbn","last_synced_at":"2025-03-30T16:15:01.413Z","repository":{"id":85614266,"uuid":"45422868","full_name":"codetheweb/zxcvbn","owner":"codetheweb","description":"Meteor wrapper for Dropbox's zxcvbn","archived":false,"fork":false,"pushed_at":"2016-05-03T23:12:32.000Z","size":720,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-05T17:38:31.519Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://atmospherejs.com/codetheweb/zxcvbn","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/codetheweb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-11-02T21:21:51.000Z","updated_at":"2016-05-03T23:12:33.000Z","dependencies_parsed_at":null,"dependency_job_id":"6f7bc0d9-baec-4cb2-83a4-a28552078afd","html_url":"https://github.com/codetheweb/zxcvbn","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codetheweb%2Fzxcvbn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codetheweb%2Fzxcvbn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codetheweb%2Fzxcvbn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codetheweb%2Fzxcvbn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/codetheweb","download_url":"https://codeload.github.com/codetheweb/zxcvbn/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246342994,"owners_count":20761947,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-24T05:42:40.247Z","updated_at":"2025-03-30T16:15:01.376Z","avatar_url":"https://github.com/codetheweb.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Wrapper for Dropbox's [zxcvbn](https://github.com/dropbox/zxcvbn)\n[![Build Status](https://travis-ci.org/codetheweb/zxcvbn.svg?branch=master)](https://travis-ci.org/codetheweb/zxcvbn)\n\n# This is no longer maintained!\nMeteor now supports [installing directly from npm packages](http://info.meteor.com/blog/announcing-meteor-1.3).\nInstall the npm-packaged version of zxcvbn with `npm install zxcvbn`, then import and use it just like any other npm package.\n\n## Install\n``` shell\nmeteor add codetheweb:zxcvbn\n```\n\n## Usage\n### (See the offical [docs](https://github.com/dropbox/zxcvbn/blob/master/README.md))\n``` javascript\nzxcvbn(password, user_inputs=[])\n```\n\n`zxcvbn()` takes one required argument, a password, and returns a result object with several properties:\n\n``` coffee\nresult.guesses            # estimated guesses needed to crack password\nresult.guesses_log10      # order of magnitude of result.guesses\n\nresult.crack_time_seconds # dictionary of back-of-the-envelope crack time\n                          # estimations, in seconds, based on a few scenarios:\n{\n  # online attack on a service that ratelimits password auth attempts.\n  online_throttling_100_per_hour\n\n  # online attack on a service that doesn't ratelimit,\n  # or where an attacker has outsmarted ratelimiting.\n  online_no_throttling_10_per_second\n\n  # offline attack. assumes multiple attackers,\n  # proper user-unique salting, and a slow hash function\n  # w/ moderate work factor, such as bcrypt, scrypt, PBKDF2.\n  offline_slow_hashing_1e4_per_second\n\n  # offline attack with user-unique salting but a fast hash\n  # function like SHA-1, SHA-256 or MD5. A wide range of\n  # reasonable numbers anywhere from one billion - one trillion\n  # guesses per second, depending on number of cores and machines.\n  # ballparking at 10B/sec.\n  offline_fast_hashing_1e10_per_second\n}\n\nresult.crack_time_display # same keys as result.crack_time_seconds,\n                          # with friendlier display string values:\n                          # \"less than a second\", \"3 hours\", \"centuries\", etc.\n\nresult.score      # Integer from 0-4 (useful for implementing a strength bar)\n\n  0 # too guessable: risky password. (guesses \u003c 10^3)\n\n  1 # very guessable: protection from throttled online attacks. (guesses \u003c 10^6)\n\n  2 # somewhat guessable: protection from unthrottled online attacks. (guesses \u003c 10^8)\n\n  3 # safely unguessable: moderate protection from offline slow-hash scenario. (guesses \u003c 10^10)\n\n  4 # very unguessable: strong protection from offline slow-hash scenario. (guesses \u003e= 10^10)\n\nresult.feedback   # verbal feedback to help choose better passwords. set when score \u003c= 2.\n\n  result.feedback.warning     # explains what's wrong, eg. 'this is a top-10 common password'.\n                              # not always set -- sometimes an empty string\n\n  result.feedback.suggestions # a possibly-empty list of suggestions to help choose a less\n                              # guessable password. eg. 'Add another word or two'\n\nresult.sequence   # the list of patterns that zxcvbn based the\n                  # guess calculation on.\n\nresult.calc_time  # how long it took zxcvbn to calculate an answer,\n                  # in milliseconds.\n````\n\nThe optional `user_inputs` argument is an array of strings that zxcvbn will treat as an extra dictionary. This can be whatever list of strings you like, but is meant for user inputs from other fields of the form, like name and email. That way a password that includes a user's personal information can be heavily penalized. This list is also good for site-specific vocabulary — Acme Brick Co. might want to include ['acme', 'brick', 'acmebrick', etc].\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodetheweb%2Fzxcvbn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcodetheweb%2Fzxcvbn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodetheweb%2Fzxcvbn/lists"}