https://github.com/edoardottt/pwdsafety

🔒command line tool checking password safety🔒
https://github.com/edoardottt/pwdsafety

cli command-line-tool golang golang-application infosec linux password password-entropy password-generator password-hash password-safety password-strength passwords pwd pwd-safety pwdhash safety security security-scanner security-tools

Last synced: 6 months ago
JSON representation

🔒command line tool checking password safety🔒

• Host: GitHub
• URL: https://github.com/edoardottt/pwdsafety
• Owner: edoardottt
• License: gpl-3.0
• Created: 2020-03-14T16:38:44.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2025-03-16T08:18:58.000Z (7 months ago)
• Last Synced: 2025-03-30T21:06:10.242Z (7 months ago)
• Topics: cli, command-line-tool, golang, golang-application, infosec, linux, password, password-entropy, password-generator, password-hash, password-safety, password-strength, passwords, pwd, pwd-safety, pwdhash, safety, security, security-scanner, security-tools
• Language: Go
• Homepage: https://edoardottt.com/
• Size: 38.5 MB
• Stars: 81
• Watchers: 4
• Forks: 14
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

          


  

  


  Command line tool that checks how much a password is safe


  

    Coded with 💙 by edoardottt.

  





    

      

        

      

    

      

        

      

    

      

        

      

    

      

        

      

  


    

      

        

      

    

      

        

      

    

      

        

      





  Get Started •

  Description •

  Scoring •

  Contributing •

  Changelog





  



**This tool doesn't store any information!**  

**Never use personal information in your password!**  

- Use a password manager (I recommend [bitwarden](https://bitwarden.com/))  

- Don't use the same password for different services  

- Enable 2FA wherever possible  

Get Started 🎉

----------

### Snap

```console

sudo snap install pwdsafety

```

### Go1.17+

```console

go install -v github.com/edoardottt/pwdsafety/cmd/pwdsafety@latest

```

### From source

- First of all, clone the repo locally

  - `git clone https://github.com/edoardottt/pwdsafety.git`

- pwdsafety has external dependencies, so they need to be pulled in:

  - `cd pwdsafety/cmd && go get && cd ..`

- Linux (Requires high perms, run with sudo)

  - `make linux` (to install)

  - `make unlinux` (to uninstall)

- Windows (executable works only in pwdsafety folder. Alias?)

  - `make windows` (to install)

  - `make unwindows` (to uninstall)

Description 🔦

----------

It reads from standard input the entered password.  

First, it searches if the password or the password reversed is a well known pwd.  

Then, just do little calculations, checking if the basic rules are respected, like if there are UPPERCASE CHARS, lowercase chars, numb3rs and symbols.  

It stores the length of the password and the ratio [unique different chars / total chars].  

It calculates then the entropy of a password.  

Password entropy is a measurement of how unpredictable a password is.  

The formula for entropy is:  

              ![formula](https://github.com/edoardottt/images/blob/main/pwdsafety/formula.png)  

Where:

- E = password entropy  

- R = pool of unique characters  

- L = number of characters in your password  

- Then R^L = the number of possible passwords  

When the score <= 68(reasonable) it generates a random password.  

Scoring 💯

----------

**Max score: 100**

**Scores:**

- Very weak: 0 - 35

- Weak: 36 - 59

- Reasonable: 60 - 68

- Strong: 69 - 80

- Very strong: 81 -100

  

**Scoring parameters:**

- Found in known password

- Found in known password reversed

- Password composition:

  - numbers

  - symbols

  - uppercase

  - lowercase

- Unique different characters

- Length

- Entropy

Contributing 🛠

-------

Just open an [issue](https://github.com/edoardottt/pwdsafety/issues) / [pull request](https://github.com/edoardottt/pwdsafety/pulls).

Before opening a pull request, download [golangci-lint](https://golangci-lint.run/usage/install/) and run

```console

golangci-lint run

```

If there aren't errors, go ahead :)

See also [CONTRIBUTING.md](https://github.com/edoardottt/pwdsafety/blob/master/CONTRIBUTING.md) and [CODE OF CONDUCT.md](https://github.com/edoardottt/pwdsafety/blob/master/CODE_OF_CONDUCT.md)

Thanks to [fabaff](https://github.com/fabaff) and [ecnepsnai](https://github.com/ecnepsnai/pwnedpassword/blob/master/pwned.go).

Changelog 📌

-------

Detailed changes for each release are documented in the [release notes](https://github.com/edoardottt/pwdsafety/releases).

License 📝

-------

This repository is under [GNU General Public License v3.0](https://github.com/edoardottt/pwdsafety/blob/master/LICENSE).  

[edoardottt.com](https://edoardottt.com/) to contact me.