{"id":18078383,"url":"https://github.com/techgaun/zxcvbn-elixir","last_synced_at":"2025-04-10T03:52:34.961Z","repository":{"id":48288955,"uuid":"116526036","full_name":"techgaun/zxcvbn-elixir","owner":"techgaun","description":"Elixir implementation of zxcvbn by dropbox","archived":false,"fork":false,"pushed_at":"2025-01-16T20:53:42.000Z","size":558,"stargazers_count":57,"open_issues_count":10,"forks_count":11,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-10T03:52:25.803Z","etag":null,"topics":["elixir","hacktoberfest","hacktoberfest2021","password","zxcvbn","zxcvbn-elixir"],"latest_commit_sha":null,"homepage":"","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/techgaun.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-01-07T00:36:42.000Z","updated_at":"2025-03-10T13:10:10.000Z","dependencies_parsed_at":"2024-07-10T17:53:43.258Z","dependency_job_id":null,"html_url":"https://github.com/techgaun/zxcvbn-elixir","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techgaun%2Fzxcvbn-elixir","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techgaun%2Fzxcvbn-elixir/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techgaun%2Fzxcvbn-elixir/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/techgaun%2Fzxcvbn-elixir/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/techgaun","download_url":"https://codeload.github.com/techgaun/zxcvbn-elixir/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248154998,"owners_count":21056542,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["elixir","hacktoberfest","hacktoberfest2021","password","zxcvbn","zxcvbn-elixir"],"created_at":"2024-10-31T12:13:51.403Z","updated_at":"2025-04-10T03:52:34.936Z","avatar_url":"https://github.com/techgaun.png","language":"Elixir","funding_links":[],"categories":[],"sub_categories":[],"readme":"# zxcvbn-elixir [![Build Status](https://travis-ci.org/techgaun/zxcvbn-elixir.svg?branch=master)](https://travis-ci.org/techgaun/zxcvbn-elixir) [![Hex Version](https://img.shields.io/hexpm/v/zxcvbn.svg)](https://hex.pm/packages/zxcvbn)\n\n\u003e Elixir implementation of [zxcvbn](https://github.com/dropbox/zxcvbn) by dropbox\n\n## Installation\n\n```elixir\ndef deps do\n  [\n    {:zxcvbn, \"~\u003e 0.3.0\"}\n  ]\nend\n```\n\n## Usage\n\n```elixir\nimport ZXCVBN\n\n# default without user inputs\n\nzxcvbn(\"Some Password\")\n\n# with user inputs; useful for adding to dictionary (for eg. submitted form inputs;\n# think someone using their e-mail address as password for example)\nzxcvbn(\"Password1\", [\"user@email.com\", \"Nepal\", \"Kathmandu\"])\n```\n\n### Configuration\n\nzxcvbn can be limited to only ascii charsets by setting mode in config as below:\n\n```elixir\nconfig :zxcvbn,\n  mode: :ascii\n```\n\nzxcvbn allow to customize feedback messages, for example to add I18n feature.\n\n```elixir\nconfig :zxcvbn,\n  message_formatter: MyApp.ZXCVBNMessageFormatter\n```\n\n```elixir\ndefmodule MyApp.ZXCVBNMessageFormatter do\n  def format(str) do\n    Gettext.dgettext(MyAppWeb.Gettext, \"zxcvbn\", str)\n  end\nend\n```\n\n\n### Usage Notes\n\n- Ideally, when you are using ZXCVBN, pass the first 100-200 characters only for reasonable latency.\n\n## Output Description\n\nThe result of running `ZXCVBN.zxcvbn/1` and `ZXCVBN.zxcvbn/2` is a map\nexcept for when empty string is supplied as password (which returns `:error`).\n\nBelow is a sample result and description of each fields.\n\n```elixir\n%{\n  # how long it took zxcvbn to calculate an answer,\n  # in milliseconds.\n  calc_time: 51,\n\n  # same keys as result.crack_times_seconds,\n  # with friendlier display string values:\n  # \"less than a second\", \"3 hours\", \"centuries\", etc.\n\n  crack_times_display: %{\n    offline_fast_hashing_1e10_per_second: \"less than a second\",\n    offline_slow_hashing_1e4_per_second: \"less than a second\",\n    online_no_throttling_10_per_second: \"less than a second\",\n    online_throttling_100_per_hour: \"1 minute\"\n  },\n\n  # dictionary of back-of-the-envelope crack time\n  # estimations, in seconds, based on a few scenarios\n\n  crack_times_seconds: %{\n    # offline attack with user-unique salting but a fast hash\n    # function like SHA-1, SHA-256 or MD5. A wide range of\n    # reasonable numbers anywhere from one billion - one trillion\n    # guesses per second, depending on number of cores and machines.\n    # ballparking at 10B/sec.\n\n    offline_fast_hashing_1e10_per_second: 3.0e-10,\n\n    # offline attack. assumes multiple attackers,\n    # proper user-unique salting, and a slow hash function\n    # w/ moderate work factor, such as bcrypt, scrypt, PBKDF2.\n\n    offline_slow_hashing_1e4_per_second: 0.0003,\n\n    # online attack on a service that doesn't ratelimit,\n    # or where an attacker has outsmarted ratelimiting.\n\n    online_no_throttling_10_per_second: 0.3,\n\n    # online attack on a service that ratelimits password auth attempts\n\n    online_throttling_100_per_hour: 108.0\n  },\n\n  # verbal feedback to help choose better passwords. set when score \u003c= 2.\n  feedback: %{\n\n    # a possibly-empty list of suggestions to help choose a less\n    # guessable password. eg. 'Add another word or two'\n    suggestions: [\"Add another word or two. Uncommon words are better.\",\n     \"Predictable substitutions like '@' instead of 'a' don't help very much\"],\n\n    # explains what's wrong, eg. 'this is a top-10 common password'.\n    # not always set -- sometimes an empty string\n    warning: \"\"\n  },\n\n  # estimated guesses needed to crack password\n  guesses: 3,\n\n  # order of magnitude of guesses\n  guesses_log10: 0.47712125471966244,\n\n  # input password\n  password: \"password\",\n\n  # Integer from 0-4 (useful for implementing a strength bar)\n  # 0 too guessable: risky password. (guesses \u003c 10^3)\n  # 1 very guessable: protection from throttled online attacks. (guesses \u003c 10^6)\n  # 2 somewhat guessable: protection from unthrottled online attacks. (guesses \u003c 10^8)\n  # 3 safely unguessable: moderate protection from offline slow-hash scenario. (guesses \u003c 10^10)\n  # 4 very unguessable: strong protection from offline slow-hash scenario. (guesses \u003e= 10^10)\n  score: 0,\n\n  # the list of patterns that zxcvbn based the\n  # guess calculation on.\n  sequence: [\n    %{\n      base_guesses: 2,\n      dictionary_name: :passwords,\n      guesses: 2,\n      guesses_log10: 0.3010299956639812,\n      i: 0,\n      j: 7,\n      l33t: false,\n      l33t_variations: 1,\n      matched_word: \"password\",\n      pattern: :dictionary,\n      rank: 2,\n      reversed: false,\n      token: \"password\",\n      uppercase_variations: 1\n    }\n  ]\n}\n```\n\n## Benchmark\n\nThe basic benchmark result can be seen by running:\n\n```shell\nmix run bench/run.exs\n```\n\nThat will create html output on `benchmarks` directory.\n\n## Test\n\nThe [zxcvbn.js](zxcvbn.js) is used to test the [correctness](test/zxcvbn_test.exs)\nwith the original implementation. ZXCVBN is a pure Elixir implementation\nand not a wrapper on top of javascript version.\n\n### Test Setup\n\n```\nnpm install\nmix test\n```\n\n## Author\n\n- [Samar Acharya](https://github.com/techgaun)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftechgaun%2Fzxcvbn-elixir","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftechgaun%2Fzxcvbn-elixir","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftechgaun%2Fzxcvbn-elixir/lists"}