GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → kn9ts → Dumb Passwords

kn9ts / Dumb Passwords

Licence: mit
Don't let your user be a victim of their own action

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

securitypasswordspassword-strengthpassword-safetyvalidations

Projects that are alternatives of or similar to Dumb Passwords

PwnedPasswords
PwnedPasswords as a Service
Stars: ✭ 24 (-68.83%)
Mutual labels:  password-strength, password-safety, passwords
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+125.97%)
Mutual labels:  password-strength, password-safety, passwords
Fugacious
OSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (+29.87%)
Mutual labels:  passwords, password-safety
Pw Pwnage Cfworker
Deploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
Stars: ✭ 125 (+62.34%)
Mutual labels:  passwords, password-strength
Pwned Passwords Django
Utilities for working with the Pwned Passwords database from Django.
Stars: ✭ 71 (-7.79%)
Mutual labels:  passwords, password-strength
Netpwn
Tool made to automate tasks of pentesting.
Stars: ✭ 152 (+97.4%)
Mutual labels:  password-strength, password-safety
Pwned Passwords
🔐Go client library for checking values against compromised HIBP Pwned Passwords
Stars: ✭ 81 (+5.19%)
Mutual labels:  passwords, password-safety
keevault
Kee Vault is a password manager for your web browser. Password databases (Vaults) are encrypted using the KeePass storage format before being sent to a remote server for synchronisation across any modern device/browser
Stars: ✭ 57 (-25.97%)
Mutual labels:  password-safety, passwords
Password Strength
Angular UI library to illustrate and validate a password's strength with material design - Angular V9 supported
Stars: ✭ 186 (+141.56%)
Mutual labels:  password-strength, password-safety
Probable Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
Stars: ✭ 7,312 (+9396.1%)
Mutual labels:  password-strength, password-safety
RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
Stars: ✭ 288 (+274.03%)
Mutual labels:  password-strength, password-safety
Laravel Nist Password Rules
🔒 Laravel validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.
Stars: ✭ 157 (+103.9%)
Mutual labels:  passwords, password-strength
Bewgor
Bull's Eye Wordlist Generator - Does your password rely on predictable patterns of accessible info?
Stars: ✭ 333 (+332.47%)
Mutual labels:  password-strength, password-safety
laravel-pwned-passwords
Simple Laravel validation rule that allows you to prevent or limit the re-use of passwords that are known to be pwned (unsafe). Based on TroyHunt's Have I Been Pwned (https://haveibeenpwned.com)
Stars: ✭ 67 (-12.99%)
Mutual labels:  password-safety, passwords
Kaonashi
Wordlist, rules and masks from Kaonashi project (RootedCON 2019)
Stars: ✭ 353 (+358.44%)
Mutual labels:  password-strength, password-safety
Angular Validation
[INACTIVE] Client Side Validation for AngularJS 1. (You should use version > 2 💥)
Stars: ✭ 714 (+827.27%)
Mutual labels:  validations
Haveibeenpwned Zxcvbn Lambda Api
Deploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥
Stars: ✭ 57 (-25.97%)
Mutual labels:  password-strength
Passgan
A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)
Stars: ✭ 704 (+814.29%)
Mutual labels:  password-strength
Whaler
Program to reverse Docker images into Dockerfiles
Stars: ✭ 670 (+770.13%)
Mutual labels:  passwords
Passwords Webextension
The official browser extension for the Passwords app for Nextcloud.
Stars: ✭ 68 (-11.69%)
Mutual labels:  passwords
View All Similar Projects ➔

Coverage Status

Guard your users from security problems such as being hacked that start by having dumb passwords

Introduction

dumb-passwords is an NPM module that can be used to verify the user provided password is not one of the top 10,000 worst passwords as analysed by a respectable IT security analyst. Read about all here, here(wired) or here(telegram)

Getting Started

Installation

$ npm install dumb-passwords --save

Usage

Short example:

const dumbPasswords = require('dumb-passwords');

const isDumb = dumbPasswords.check('123456'); // true
// or use:
// const isDumb = dumbPasswords.checkPassword('123456');

Embedding it into your EXPRESS application:

'use strict';

const app = require('express')();
const dumbPasswords = require('dumb-passwords');

...

app.post('/user/create', (req, res) => {
  const userPassword = req.body.userPassword;

  if (dumbPasswords.check(userPassword)) {
    const rate = dumbPasswords.rateOfUsage(userPassword);
    let message = 'Dear user, that\'s a dumb password!';
    message += ' Why? For every 100,000 user accounts on the internet, ';
    message += rate.frequency + ' are "protected" using that same password.';
    message += ' Hacker\'s paradise.';

    // DO NOT send this back to your user, it's only for demo purposes
    res.status(200).send(message);
  } else {
    // that password is awesome!
    // that user SMART! Give them the key to success!
  }
});

...

app.listen(8080, () => {
  console.log('Express server listening on on port 8080');
});

// expose app
module.exports = app;

API

dumbPasswords.check(string) => true or false

Check if the string provided, representing the user's proposed submitted password is not one of the top 10,000 worst passwords users use.

returns true if the password is one of them and false if the password is not.

dumbPasswords.rateOfUsage(string) => {password, frequency}

Checks and returns the recorded usage frequency of the related password per 100,000 user passwords.

dumbPasswords.rateOfUsage('superman') // { password: 'superman', frequency: 2523 }

License

MIT © Eugene Mutai | Kevin Gathuku | Jeremy Kithome

DISCLAIMER: All opinions aired in this repo are ours and do not reflect any company or organisation any contributor is involved with.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].