https://github.com/autonomoussoftware/fast-password-entropy
Calculate the entropy of a password string, but fast!
https://github.com/autonomoussoftware/fast-password-entropy
entropy javascript password
Last synced: about 1 year ago
JSON representation
Calculate the entropy of a password string, but fast!
- Host: GitHub
- URL: https://github.com/autonomoussoftware/fast-password-entropy
- Owner: autonomoussoftware
- License: mit
- Created: 2018-03-13T03:39:28.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2021-07-06T17:49:26.000Z (almost 5 years ago)
- Last Synced: 2025-04-08T10:52:11.691Z (about 1 year ago)
- Topics: entropy, javascript, password
- Language: JavaScript
- Homepage:
- Size: 163 KB
- Stars: 26
- Watchers: 8
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# fast-password-entropy
[](https://travis-ci.org/autonomoussoftware/fast-password-entropy)
[](https://github.com/bloq/eslint-config-bloq)
[](https://snyk.io/test/github/autonomoussoftware/fast-password-entropy:package.json) [](https://greenkeeper.io/)
Calculate the entropy bits of a string as a quick proxy to password strength.
See [Entropy as a measure of password strength](https://en.wikipedia.org/wiki/Password_strength#Entropy_as_a_measure_of_password_strength) for more information.
## Installation
```bash
$ npm install --save fast-password-entropy
```
## Usage
```js
const stringEntropy = require('fast-password-entropy')
console.log(stringEntropy('1234')) // 13
console.log(stringEntropy('password')) // 38
```
### ES5 support
A transpiled version is available in `es5/index.js`. To use that specific version, this syntax is also supported:
```js
var stringEntropy = require('fast-password-entropy/es5');
```
## Research
Several libraries were analyzed before creating this one. Some of those are listed below, along with the drawbacks found for each one.
[`information-entropy`](https://www.npmjs.com/package/information-entropy): Too basic. Cannot extract charset length from the string being tested.
[`joi-password-complexity`](https://github.com/kamronbatman/joi-password-complexity): Interesting but not providing raw entropy information.
[`passwd-strength`](https://github.com/tcort/passwd-strength): Values are correct but is too slow.
[`password-entropy`](https://www.npmjs.com/package/password-entropy): Entropy calculation is not following any standard so results are very different from other libs.
[`password-strength`](https://github.com/yuehu/password-strength): Only giving "simple", "medium", "strong" values.
[`string-entropy`](https://github.com/mvhenten/string-entropy): Provides good entropy values but is slow.
[`tai-password-strength`](https://github.com/tests-always-included/password-strength): Very complex and results are not fully matching the expected results.
[`zxcvbn`](https://github.com/dropbox/zxcvbn): Uses comprehensive heuristics to estimate complexity but solves a much more complex problem instead.
## Benchmark
After the research, only three libraries were analyzed in detail and benchmarked. This library results are 3.5x faster than the existing libraries.
```
$ npm run bench
Test strings [ '',
'8646',
'xtcmFWoH',
'Lp2x0P1iMEPWZKaQ',
'escape piece useful cloth',
'needle excitement over aloud price among',
'topic contain anything political great thank dawn among butter doll fought end' ]
Results for `fast-password-entropy` [ 0, 13, 46, 95, 147, 235, 459 ]
Results for `passwd-strength` [ 0, 13, 46, 95, 147, 235, 459 ]
Results for `password-entropy` [ 1, 1, 3, 10, 10, 10, 10 ]
Results for `string-entropy` [ 0, 13, 46, 95, 118, 188, 367 ]
Results for `tai-password-strength` [ 0, 6, 24, 62, 87, 152, 312 ]
Benchmarking...
fast-password-entropy x 557,198 ops/sec ±1.27% (87 runs sampled)
passwd-strength x 1,732 ops/sec ±4.36% (81 runs sampled)
string-entropy x 143,412 ops/sec ±3.92% (83 runs sampled)
tai-password-strength x 11,590 ops/sec ±1.28% (86 runs sampled)
Fastest is fast-password-entropy
```
## License
MIT