Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implementing password strength check #1071

Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open

Implementing password strength check #1071

Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
6e8d4f9
Implemented password strength check
Jun 12, 2023
1dccb2d
made it prettier
Jun 12, 2023
eede6c5
Merge branch 'spacebarchat:master' into pass_strength_check
ngn13 Jun 14, 2023
43ac5fb
fixing the return value
ngn13 Jun 14, 2023
314bb29
fixing the unnecessary calculations
ngn13 Jun 14, 2023
15c2239
cleaning up and fixing checkPassword
Jun 14, 2023
0f86b30
made it prettier
Jun 14, 2023
b32d203
Merge branch 'master' into pass_strength_check
ngn13 Dec 26, 2023
a753b16
Actually calculate entropy
greysilly7 Jan 1, 2024
acc02a8
Fix formatting
greysilly7 Jan 1, 2024
63ef2a4
Format with prettier
greysilly7 Jan 2, 2024
8e564dc
Merge pull request #1 from greysilly7/pass_strength_check
ngn13 Jan 3, 2024
e12fae8
removed strength normalization
ngn13 Jan 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/api/util/utility/passwordStrength.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,25 +41,25 @@ export function checkPassword(password: string): number {
let pwStrength = 0;

// checks for total password len
if (password.length >= 8 - 1) {
if (password.length >= 7) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these might been hard coded values for min and max that should have been configurable

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should I add the configuration options back then?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should I add the configuration options back then?

So far, we've tried to make as much as possible configurable my the instance owner, and I think the password policy would be no exception. But probably wait for other opinions on it.

pwStrength += 0.05;
}

// checks for amount of Numbers
const numbers = password.match(reNUMBER);
if (numbers && numbers.length >= 2 - 1) {
if (numbers && numbers.length >= 1) {
pwStrength += 0.05;
}

// checks for amount of Uppercase Letters
const uppercase = password.match(reUPPER);
if (uppercase && uppercase.length >= 2 - 1) {
if (uppercase && uppercase.length >= 1) {
pwStrength += 0.05;
}

// checks for amount of symbols
const symbols = password.match(reSYMBOLS);
if (symbols && symbols.length >= 2 - 1) {
if (symbols && symbols.length >= 1) {
pwStrength += 0.05;
}

Expand Down