{"id":13721249,"url":"https://github.com/muesli/crunchy","last_synced_at":"2025-04-09T09:03:40.332Z","repository":{"id":54926541,"uuid":"98994565","full_name":"muesli/crunchy","owner":"muesli","description":"Finds common flaws in passwords. Like cracklib, but written in Go.","archived":false,"fork":false,"pushed_at":"2023-09-26T12:37:25.000Z","size":77,"stargazers_count":380,"open_issues_count":5,"forks_count":16,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-04-02T07:39:57.339Z","etag":null,"topics":["hacktoberfest"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/muesli.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null},"funding":{"github":"muesli"}},"created_at":"2017-08-01T11:37:23.000Z","updated_at":"2025-02-11T21:33:29.000Z","dependencies_parsed_at":"2024-01-13T11:12:56.675Z","dependency_job_id":"89a92543-38d5-491f-916c-cb2b39acade6","html_url":"https://github.com/muesli/crunchy","commit_stats":{"total_commits":75,"total_committers":7,"mean_commits":"10.714285714285714","dds":0.09333333333333338,"last_synced_commit":"9cd68953298fc9b77ae10562eaaf513e2c8c2ace"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muesli%2Fcrunchy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muesli%2Fcrunchy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muesli%2Fcrunchy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muesli%2Fcrunchy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/muesli","download_url":"https://codeload.github.com/muesli/crunchy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248008628,"owners_count":21032556,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest"],"created_at":"2024-08-03T01:01:14.522Z","updated_at":"2025-04-09T09:03:40.305Z","avatar_url":"https://github.com/muesli.png","language":"Go","funding_links":["https://github.com/sponsors/muesli"],"categories":["Go","Encryption"],"sub_categories":[],"readme":"crunchy\n=======\n\n[![Latest Release](https://img.shields.io/github/release/muesli/crunchy.svg)](https://github.com/muesli/crunchy/releases)\n[![GoDoc](https://godoc.org/github.com/golang/gddo?status.svg)](https://godoc.org/github.com/muesli/crunchy)\n[![Build Status](https://travis-ci.org/muesli/crunchy.svg?branch=master)](https://travis-ci.org/muesli/crunchy)\n[![Coverage Status](https://coveralls.io/repos/github/muesli/crunchy/badge.svg?branch=master)](https://coveralls.io/github/muesli/crunchy?branch=master)\n[![Go ReportCard](https://goreportcard.com/badge/muesli/crunchy)](https://goreportcard.com/report/muesli/crunchy)\n\nFinds common flaws in passwords. Like cracklib, but written in Go.\n\nDetects:\n - `ErrEmpty`: Empty passwords\n - `ErrTooShort`: Too short passwords\n - `ErrNoDigits`: Password does not contain any digits\n - `ErrNoSymbols`: Password does not contain any special characters\n - `ErrTooFewChars`: Too few different characters, like \"aabbccdd\"\n - `ErrTooSystematic`: Systematic passwords, like \"abcdefgh\" or \"87654321\"\n - `ErrDictionary`: Passwords from a dictionary / wordlist\n - `ErrMangledDictionary`: Mangled / reversed passwords, like \"p@ssw0rd\" or \"drowssap\"\n - `ErrHashedDictionary`: Hashed dictionary words, like \"5f4dcc3b5aa765d61d8327deb882cf99\" (the md5sum of \"password\")\n - `ErrFoundHIBP`: Optional hash checks against the haveibeenpwned.com database\n\nYour system dictionaries from `/usr/share/dict` will be indexed. If no dictionaries were found, crunchy only relies on\nthe regular sanity checks (`ErrEmpty`, `ErrTooShort`, `ErrTooFewChars` and `ErrTooSystematic`). On Ubuntu it is\nrecommended to install the wordlists distributed with `cracklib-runtime`, on macOS you can install `cracklib-words` from\nbrew. You could also install various other language dictionaries or wordlists, e.g. from skullsecurity.org.\n\ncrunchy uses the WagnerFischer algorithm to find mangled passwords in your dictionaries.\n\n## Installation\n\nMake sure you have a working Go environment (Go 1.2 or higher is required).\nSee the [install instructions](https://golang.org/doc/install.html).\n\nTo install crunchy, simply run:\n\n    go get github.com/muesli/crunchy\n\n## Example\n\n```go\npackage main\n\nimport (\n\t\"github.com/muesli/crunchy\"\n\t\"fmt\"\n)\n\nfunc main() {\n    validator := crunchy.NewValidator()\n\n    err := validator.Check(\"12345678\")\n    if err != nil {\n        fmt.Printf(\"The password '12345678' is considered unsafe: %v\\n\", err)\n    }\n\n    err = validator.Check(\"p@ssw0rd\")\n    if dicterr, ok := err.(*crunchy.DictionaryError); ok {\n        fmt.Printf(\"The password 'p@ssw0rd' is too similar to dictionary word '%s' (distance %d)\\n\",\n            dicterr.Word, dicterr.Distance)\n    }\n\n    err = validator.Check(\"d1924ce3d0510b2b2b4604c99453e2e1\")\n    if err == nil {\n        // Password is considered acceptable\n        ...\n    }\n}\n```\n\n## Custom Options\n\n```go\npackage main\n\nimport (\n\t\"github.com/muesli/crunchy\"\n\t\"fmt\"\n)\n\nfunc main() {\n    validator := crunchy.NewValidatorWithOpts(crunchy.Options{\n        // MinLength is the minimum length required for a valid password\n        // (must be \u003e= 1, default is 8)\n        MinLength: 10,\n\n        // MinDiff is the minimum amount of unique characters required for a valid password\n        // (must be \u003e= 1, default is 5)\n        MinDiff: 8,\n\n        // MinDist is the minimum WagnerFischer distance for mangled password dictionary lookups\n        // (must be \u003e= 0, default is 3)\n        MinDist: 4,\n\n        // Hashers will be used to find hashed passwords in dictionaries\n        Hashers: []hash.Hash{md5.New(), sha1.New(), sha256.New(), sha512.New()},\n\n        // DictionaryPath contains all the dictionaries that will be parsed\n        // (default is /usr/share/dict)\n        DictionaryPath: \"/var/my/own/dicts\",\n\n        // MustContainDigit is a flag to require at least one digit for a valid password\n        // (default is false)\n        MustContainDigit: true,\n\n        // MustContainSymbol is a flag to require at least one special symbol for a valid password\n        // (default is false)\n        MustContainSymbol: true,\n\n\t// Check haveibeenpwned.com database\n\t// Default is false\n\tCheckHIBP: true,\n    })\n    ...\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuesli%2Fcrunchy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmuesli%2Fcrunchy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuesli%2Fcrunchy/lists"}