DOM.entropy = $(".entropy");
DOM.entropyFiltered = DOM.entropyContainer.find(".filtered");
DOM.entropyType = DOM.entropyContainer.find(".type");
- DOM.entropyStrength = DOM.entropyContainer.find(".strength");
+ DOM.entropyCrackTime = DOM.entropyContainer.find(".crack-time");
DOM.entropyEventCount = DOM.entropyContainer.find(".event-count");
DOM.entropyBits = DOM.entropyContainer.find(".bits");
DOM.entropyBitsPerEvent = DOM.entropyContainer.find(".bits-per-event");
}
function clearEntropyFeedback() {
- DOM.entropyStrength.text("...");
+ DOM.entropyCrackTime.text("...");
DOM.entropyType.text("");
DOM.entropyWordCount.text("0");
DOM.entropyEventCount.text("0");
function showEntropyFeedback(entropy) {
var numberOfBits = entropy.binaryStr.length;
- var strength = "extremely weak";
- if (numberOfBits >= 64) {
- strength = "very weak";
- }
- if (numberOfBits >= 96) {
- strength = "weak";
- }
- if (numberOfBits >= 128) {
- strength = "strong";
- }
- if (numberOfBits >= 160) {
- strength = "very strong";
- }
- if (numberOfBits >= 192) {
- strength = "extremely strong";
- }
- // If time to crack is less than one day, and password is considered
- // strong or better based on the number of bits, rename strength to
- // 'easily cracked'.
+ var timeToCrack = "unknown";
try {
var z = zxcvbn(entropy.base.parts.join(""));
- var timeToCrack = z.crack_times_seconds.offline_fast_hashing_1e10_per_second;
- if (timeToCrack < 86400 && entropy.binaryStr.length >= 128) {
- strength = "easily cracked";
- if (z.feedback.warning != "") {
- strength = strength + " - " + z.feedback.warning;
- };
- }
+ timeToCrack = z.crack_times_display.offline_fast_hashing_1e10_per_second;
+ if (z.feedback.warning != "") {
+ timeToCrack = timeToCrack + " - " + z.feedback.warning;
+ };
}
catch (e) {
- strength = "unknown";
console.log("Error detecting entropy strength with zxcvbn:");
console.log(e);
}
var bitsPerEvent = entropy.bitsPerEvent.toFixed(2);
DOM.entropyFiltered.html(entropy.cleanHtml);
DOM.entropyType.text(entropyTypeStr);
- DOM.entropyStrength.text(strength);
+ DOM.entropyCrackTime.text(timeToCrack);
DOM.entropyEventCount.text(entropy.base.ints.length);
DOM.entropyBits.text(numberOfBits);
DOM.entropyWordCount.text(wordCount);
events: 1,
bits: 4,
words: 0,
- strength: "extremely weak",
+ strength: "less than a second",
},
{
entropy: "AAAAAAAA",
events: 8,
bits: 32,
words: 3,
- strength: "extremely weak",
+ strength: "less than a second - Repeats like \"aaa\" are easy to guess",
},
{
entropy: "AAAAAAAA B",
events: 9,
bits: 36,
words: 3,
- strength: "extremely weak",
+ strength: "less than a second - Repeats like \"aaa\" are easy to guess",
},
{
entropy: "AAAAAAAA BBBBBBBB",
events: 16,
bits: 64,
words: 6,
- strength: "very weak",
+ strength: "less than a second - Repeats like \"aaa\" are easy to guess",
},
{
entropy: "AAAAAAAA BBBBBBBB CCCCCCCC",
events: 24,
bits: 96,
words: 9,
- strength: "weak",
+ strength: "less than a second",
},
{
entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDD",
events: 32,
bits: 128,
words: 12,
- strength: "easily cracked",
+ strength: "2 minutes",
},
{
entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA",
events: 32,
bits: 128,
words: 12,
- strength: "strong",
+ strength: "2 days",
},
{
entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE",
events: 40,
bits: 160,
words: 15,
- strength: "very strong",
+ strength: "3 years",
},
{
entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE FFFFFFFF",
events: 48,
bits: 192,
words: 18,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "7d",
events: 1,
bits: 5,
words: 0,
- strength: "extremely weak",
+ strength: "less than a second",
},
{
entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks",
events: 52,
bits: 225,
words: 21,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks3d",
events: 53,
bits: 254,
words: 21,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d",
events: 53,
bits: 254,
words: 21,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d5d6d",
events: 53,
bits: 264,
words: 24,
- strength: "extremely strong",
+ strength: "centuries",
},
// Next test was throwing uncaught error in zxcvbn
// Also tests 451 bits, ie Math.log2(52!)*2 = 225.58 * 2
events: 104,
bits: 499,
words: 45,
- strength: "extremely strong",
+ strength: "centuries",
},
// Case insensitivity to duplicate cards
{
events: 2,
bits: 9,
words: 0,
- strength: "extremely weak",
+ strength: "less than a second",
},
{
entropy: "ASas",
events: 2,
bits: 9,
words: 0,
- strength: "extremely weak",
+ strength: "less than a second",
},
// Missing cards are detected
{
events: 51,
bits: 221,
words: 18,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks",
events: 50,
bits: 216,
words: 18,
- strength: "extremely strong",
+ strength: "centuries",
},
{
entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjd kdah2h3h 5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks",
events: 48,
bits: 208,
words: 18,
- strength: "extremely strong",
+ strength: "centuries",
},
// More than six missing cards does not show message
{
events: 45,
bits: 195,
words: 18,
- strength: "extremely strong",
+ strength: "centuries",
},
// Multiple decks of cards increases bits per event
{
events: 33,
bits: 184,
bitsPerEvent: 5.59,
- strength: 'easily cracked - Repeats like "abcabcabc" are only slightly harder to guess than "abc"',
+ strength: 'less than a second - Repeats like "abcabcabc" are only slightly harder to guess than "abc"',
},
];
// use entropy