diff options
| -rw-r--r-- | src/index.html | 4 | ||||
| -rw-r--r-- | src/js/index.js | 38 | ||||
| -rw-r--r-- | tests.js | 44 |
3 files changed, 32 insertions, 54 deletions
diff --git a/src/index.html b/src/index.html index bc8ffba..5edd68e 100644 --- a/src/index.html +++ b/src/index.html | |||
| @@ -165,8 +165,8 @@ | |||
| 165 | <div class="col-sm-7"> | 165 | <div class="col-sm-7"> |
| 166 | <textarea id="entropy" rows="2" class="entropy form-control" placeholder="Accepts binary, base 6, 6-sided dice, base 10, hexadecimal, cards" data-translate-placeholder></textarea> | 166 | <textarea id="entropy" rows="2" class="entropy form-control" placeholder="Accepts binary, base 6, 6-sided dice, base 10, hexadecimal, cards" data-translate-placeholder></textarea> |
| 167 | <div class="row"> | 167 | <div class="row"> |
| 168 | <label class="col-sm-3 control-label" data-translate>Strength</label> | 168 | <label class="col-sm-3 control-label" data-translate><span class="more-info" data-translate-title title="Based on estimates from zxcvbn using Filtered Entropy">Time To Crack</span></label> |
| 169 | <div class="strength col-sm-3 form-control-static"></div> | 169 | <div class="crack-time col-sm-3 form-control-static"></div> |
| 170 | <label class="col-sm-3 control-label" data-translate>Event Count</label> | 170 | <label class="col-sm-3 control-label" data-translate>Event Count</label> |
| 171 | <div class="event-count col-sm-3 form-control-static"></div> | 171 | <div class="event-count col-sm-3 form-control-static"></div> |
| 172 | </div> | 172 | </div> |
diff --git a/src/js/index.js b/src/js/index.js index 3b86e42..2bb766d 100644 --- a/src/js/index.js +++ b/src/js/index.js | |||
| @@ -30,7 +30,7 @@ | |||
| 30 | DOM.entropy = $(".entropy"); | 30 | DOM.entropy = $(".entropy"); |
| 31 | DOM.entropyFiltered = DOM.entropyContainer.find(".filtered"); | 31 | DOM.entropyFiltered = DOM.entropyContainer.find(".filtered"); |
| 32 | DOM.entropyType = DOM.entropyContainer.find(".type"); | 32 | DOM.entropyType = DOM.entropyContainer.find(".type"); |
| 33 | DOM.entropyStrength = DOM.entropyContainer.find(".strength"); | 33 | DOM.entropyCrackTime = DOM.entropyContainer.find(".crack-time"); |
| 34 | DOM.entropyEventCount = DOM.entropyContainer.find(".event-count"); | 34 | DOM.entropyEventCount = DOM.entropyContainer.find(".event-count"); |
| 35 | DOM.entropyBits = DOM.entropyContainer.find(".bits"); | 35 | DOM.entropyBits = DOM.entropyContainer.find(".bits"); |
| 36 | DOM.entropyBitsPerEvent = DOM.entropyContainer.find(".bits-per-event"); | 36 | DOM.entropyBitsPerEvent = DOM.entropyContainer.find(".bits-per-event"); |
| @@ -915,7 +915,7 @@ | |||
| 915 | } | 915 | } |
| 916 | 916 | ||
| 917 | function clearEntropyFeedback() { | 917 | function clearEntropyFeedback() { |
| 918 | DOM.entropyStrength.text("..."); | 918 | DOM.entropyCrackTime.text("..."); |
| 919 | DOM.entropyType.text(""); | 919 | DOM.entropyType.text(""); |
| 920 | DOM.entropyWordCount.text("0"); | 920 | DOM.entropyWordCount.text("0"); |
| 921 | DOM.entropyEventCount.text("0"); | 921 | DOM.entropyEventCount.text("0"); |
| @@ -927,37 +927,15 @@ | |||
| 927 | 927 | ||
| 928 | function showEntropyFeedback(entropy) { | 928 | function showEntropyFeedback(entropy) { |
| 929 | var numberOfBits = entropy.binaryStr.length; | 929 | var numberOfBits = entropy.binaryStr.length; |
| 930 | var strength = "extremely weak"; | 930 | var timeToCrack = "unknown"; |
| 931 | if (numberOfBits >= 64) { | ||
| 932 | strength = "very weak"; | ||
| 933 | } | ||
| 934 | if (numberOfBits >= 96) { | ||
| 935 | strength = "weak"; | ||
| 936 | } | ||
| 937 | if (numberOfBits >= 128) { | ||
| 938 | strength = "strong"; | ||
| 939 | } | ||
| 940 | if (numberOfBits >= 160) { | ||
| 941 | strength = "very strong"; | ||
| 942 | } | ||
| 943 | if (numberOfBits >= 192) { | ||
| 944 | strength = "extremely strong"; | ||
| 945 | } | ||
| 946 | // If time to crack is less than one day, and password is considered | ||
| 947 | // strong or better based on the number of bits, rename strength to | ||
| 948 | // 'easily cracked'. | ||
| 949 | try { | 931 | try { |
| 950 | var z = zxcvbn(entropy.base.parts.join("")); | 932 | var z = zxcvbn(entropy.base.parts.join("")); |
| 951 | var timeToCrack = z.crack_times_seconds.offline_fast_hashing_1e10_per_second; | 933 | timeToCrack = z.crack_times_display.offline_fast_hashing_1e10_per_second; |
| 952 | if (timeToCrack < 86400 && entropy.binaryStr.length >= 128) { | 934 | if (z.feedback.warning != "") { |
| 953 | strength = "easily cracked"; | 935 | timeToCrack = timeToCrack + " - " + z.feedback.warning; |
| 954 | if (z.feedback.warning != "") { | 936 | }; |
| 955 | strength = strength + " - " + z.feedback.warning; | ||
| 956 | }; | ||
| 957 | } | ||
| 958 | } | 937 | } |
| 959 | catch (e) { | 938 | catch (e) { |
| 960 | strength = "unknown"; | ||
| 961 | console.log("Error detecting entropy strength with zxcvbn:"); | 939 | console.log("Error detecting entropy strength with zxcvbn:"); |
| 962 | console.log(e); | 940 | console.log(e); |
| 963 | } | 941 | } |
| @@ -966,7 +944,7 @@ | |||
| 966 | var bitsPerEvent = entropy.bitsPerEvent.toFixed(2); | 944 | var bitsPerEvent = entropy.bitsPerEvent.toFixed(2); |
| 967 | DOM.entropyFiltered.html(entropy.cleanHtml); | 945 | DOM.entropyFiltered.html(entropy.cleanHtml); |
| 968 | DOM.entropyType.text(entropyTypeStr); | 946 | DOM.entropyType.text(entropyTypeStr); |
| 969 | DOM.entropyStrength.text(strength); | 947 | DOM.entropyCrackTime.text(timeToCrack); |
| 970 | DOM.entropyEventCount.text(entropy.base.ints.length); | 948 | DOM.entropyEventCount.text(entropy.base.ints.length); |
| 971 | DOM.entropyBits.text(numberOfBits); | 949 | DOM.entropyBits.text(numberOfBits); |
| 972 | DOM.entropyWordCount.text(wordCount); | 950 | DOM.entropyWordCount.text(wordCount); |
| @@ -2824,7 +2824,7 @@ page.open(url, function(status) { | |||
| 2824 | events: 1, | 2824 | events: 1, |
| 2825 | bits: 4, | 2825 | bits: 4, |
| 2826 | words: 0, | 2826 | words: 0, |
| 2827 | strength: "extremely weak", | 2827 | strength: "less than a second", |
| 2828 | }, | 2828 | }, |
| 2829 | { | 2829 | { |
| 2830 | entropy: "AAAAAAAA", | 2830 | entropy: "AAAAAAAA", |
| @@ -2833,7 +2833,7 @@ page.open(url, function(status) { | |||
| 2833 | events: 8, | 2833 | events: 8, |
| 2834 | bits: 32, | 2834 | bits: 32, |
| 2835 | words: 3, | 2835 | words: 3, |
| 2836 | strength: "extremely weak", | 2836 | strength: "less than a second - Repeats like \"aaa\" are easy to guess", |
| 2837 | }, | 2837 | }, |
| 2838 | { | 2838 | { |
| 2839 | entropy: "AAAAAAAA B", | 2839 | entropy: "AAAAAAAA B", |
| @@ -2842,7 +2842,7 @@ page.open(url, function(status) { | |||
| 2842 | events: 9, | 2842 | events: 9, |
| 2843 | bits: 36, | 2843 | bits: 36, |
| 2844 | words: 3, | 2844 | words: 3, |
| 2845 | strength: "extremely weak", | 2845 | strength: "less than a second - Repeats like \"aaa\" are easy to guess", |
| 2846 | }, | 2846 | }, |
| 2847 | { | 2847 | { |
| 2848 | entropy: "AAAAAAAA BBBBBBBB", | 2848 | entropy: "AAAAAAAA BBBBBBBB", |
| @@ -2851,7 +2851,7 @@ page.open(url, function(status) { | |||
| 2851 | events: 16, | 2851 | events: 16, |
| 2852 | bits: 64, | 2852 | bits: 64, |
| 2853 | words: 6, | 2853 | words: 6, |
| 2854 | strength: "very weak", | 2854 | strength: "less than a second - Repeats like \"aaa\" are easy to guess", |
| 2855 | }, | 2855 | }, |
| 2856 | { | 2856 | { |
| 2857 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC", | 2857 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC", |
| @@ -2860,7 +2860,7 @@ page.open(url, function(status) { | |||
| 2860 | events: 24, | 2860 | events: 24, |
| 2861 | bits: 96, | 2861 | bits: 96, |
| 2862 | words: 9, | 2862 | words: 9, |
| 2863 | strength: "weak", | 2863 | strength: "less than a second", |
| 2864 | }, | 2864 | }, |
| 2865 | { | 2865 | { |
| 2866 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDD", | 2866 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDD", |
| @@ -2869,7 +2869,7 @@ page.open(url, function(status) { | |||
| 2869 | events: 32, | 2869 | events: 32, |
| 2870 | bits: 128, | 2870 | bits: 128, |
| 2871 | words: 12, | 2871 | words: 12, |
| 2872 | strength: "easily cracked", | 2872 | strength: "2 minutes", |
| 2873 | }, | 2873 | }, |
| 2874 | { | 2874 | { |
| 2875 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA", | 2875 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA", |
| @@ -2878,7 +2878,7 @@ page.open(url, function(status) { | |||
| 2878 | events: 32, | 2878 | events: 32, |
| 2879 | bits: 128, | 2879 | bits: 128, |
| 2880 | words: 12, | 2880 | words: 12, |
| 2881 | strength: "strong", | 2881 | strength: "2 days", |
| 2882 | }, | 2882 | }, |
| 2883 | { | 2883 | { |
| 2884 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE", | 2884 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE", |
| @@ -2887,7 +2887,7 @@ page.open(url, function(status) { | |||
| 2887 | events: 40, | 2887 | events: 40, |
| 2888 | bits: 160, | 2888 | bits: 160, |
| 2889 | words: 15, | 2889 | words: 15, |
| 2890 | strength: "very strong", | 2890 | strength: "3 years", |
| 2891 | }, | 2891 | }, |
| 2892 | { | 2892 | { |
| 2893 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE FFFFFFFF", | 2893 | entropy: "AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDA EEEEEEEE FFFFFFFF", |
| @@ -2896,7 +2896,7 @@ page.open(url, function(status) { | |||
| 2896 | events: 48, | 2896 | events: 48, |
| 2897 | bits: 192, | 2897 | bits: 192, |
| 2898 | words: 18, | 2898 | words: 18, |
| 2899 | strength: "extremely strong", | 2899 | strength: "centuries", |
| 2900 | }, | 2900 | }, |
| 2901 | { | 2901 | { |
| 2902 | entropy: "7d", | 2902 | entropy: "7d", |
| @@ -2904,7 +2904,7 @@ page.open(url, function(status) { | |||
| 2904 | events: 1, | 2904 | events: 1, |
| 2905 | bits: 5, | 2905 | bits: 5, |
| 2906 | words: 0, | 2906 | words: 0, |
| 2907 | strength: "extremely weak", | 2907 | strength: "less than a second", |
| 2908 | }, | 2908 | }, |
| 2909 | { | 2909 | { |
| 2910 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", | 2910 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", |
| @@ -2912,7 +2912,7 @@ page.open(url, function(status) { | |||
| 2912 | events: 52, | 2912 | events: 52, |
| 2913 | bits: 225, | 2913 | bits: 225, |
| 2914 | words: 21, | 2914 | words: 21, |
| 2915 | strength: "extremely strong", | 2915 | strength: "centuries", |
| 2916 | }, | 2916 | }, |
| 2917 | { | 2917 | { |
| 2918 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks3d", | 2918 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks3d", |
| @@ -2920,7 +2920,7 @@ page.open(url, function(status) { | |||
| 2920 | events: 53, | 2920 | events: 53, |
| 2921 | bits: 254, | 2921 | bits: 254, |
| 2922 | words: 21, | 2922 | words: 21, |
| 2923 | strength: "extremely strong", | 2923 | strength: "centuries", |
| 2924 | }, | 2924 | }, |
| 2925 | { | 2925 | { |
| 2926 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d", | 2926 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d", |
| @@ -2928,7 +2928,7 @@ page.open(url, function(status) { | |||
| 2928 | events: 53, | 2928 | events: 53, |
| 2929 | bits: 254, | 2929 | bits: 254, |
| 2930 | words: 21, | 2930 | words: 21, |
| 2931 | strength: "extremely strong", | 2931 | strength: "centuries", |
| 2932 | }, | 2932 | }, |
| 2933 | { | 2933 | { |
| 2934 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d5d6d", | 2934 | entropy: "ac2c3c4c5c6c7c8c9ctcjcqckcad2d3d4d5d6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqs3d4d5d6d", |
| @@ -2936,7 +2936,7 @@ page.open(url, function(status) { | |||
| 2936 | events: 53, | 2936 | events: 53, |
| 2937 | bits: 264, | 2937 | bits: 264, |
| 2938 | words: 24, | 2938 | words: 24, |
| 2939 | strength: "extremely strong", | 2939 | strength: "centuries", |
| 2940 | }, | 2940 | }, |
| 2941 | // Next test was throwing uncaught error in zxcvbn | 2941 | // Next test was throwing uncaught error in zxcvbn |
| 2942 | // Also tests 451 bits, ie Math.log2(52!)*2 = 225.58 * 2 | 2942 | // Also tests 451 bits, ie Math.log2(52!)*2 = 225.58 * 2 |
| @@ -2946,7 +2946,7 @@ page.open(url, function(status) { | |||
| 2946 | events: 104, | 2946 | events: 104, |
| 2947 | bits: 499, | 2947 | bits: 499, |
| 2948 | words: 45, | 2948 | words: 45, |
| 2949 | strength: "extremely strong", | 2949 | strength: "centuries", |
| 2950 | }, | 2950 | }, |
| 2951 | // Case insensitivity to duplicate cards | 2951 | // Case insensitivity to duplicate cards |
| 2952 | { | 2952 | { |
| @@ -2955,7 +2955,7 @@ page.open(url, function(status) { | |||
| 2955 | events: 2, | 2955 | events: 2, |
| 2956 | bits: 9, | 2956 | bits: 9, |
| 2957 | words: 0, | 2957 | words: 0, |
| 2958 | strength: "extremely weak", | 2958 | strength: "less than a second", |
| 2959 | }, | 2959 | }, |
| 2960 | { | 2960 | { |
| 2961 | entropy: "ASas", | 2961 | entropy: "ASas", |
| @@ -2963,7 +2963,7 @@ page.open(url, function(status) { | |||
| 2963 | events: 2, | 2963 | events: 2, |
| 2964 | bits: 9, | 2964 | bits: 9, |
| 2965 | words: 0, | 2965 | words: 0, |
| 2966 | strength: "extremely weak", | 2966 | strength: "less than a second", |
| 2967 | }, | 2967 | }, |
| 2968 | // Missing cards are detected | 2968 | // Missing cards are detected |
| 2969 | { | 2969 | { |
| @@ -2972,7 +2972,7 @@ page.open(url, function(status) { | |||
| 2972 | events: 51, | 2972 | events: 51, |
| 2973 | bits: 221, | 2973 | bits: 221, |
| 2974 | words: 18, | 2974 | words: 18, |
| 2975 | strength: "extremely strong", | 2975 | strength: "centuries", |
| 2976 | }, | 2976 | }, |
| 2977 | { | 2977 | { |
| 2978 | entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", | 2978 | entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjdqdkdah2h3h4h5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", |
| @@ -2980,7 +2980,7 @@ page.open(url, function(status) { | |||
| 2980 | events: 50, | 2980 | events: 50, |
| 2981 | bits: 216, | 2981 | bits: 216, |
| 2982 | words: 18, | 2982 | words: 18, |
| 2983 | strength: "extremely strong", | 2983 | strength: "centuries", |
| 2984 | }, | 2984 | }, |
| 2985 | { | 2985 | { |
| 2986 | entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjd kdah2h3h 5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", | 2986 | entropy: "ac2c3c4c5c6c7c8c tcjcqckcad2d3d4d 6d7d8d9dtdjd kdah2h3h 5h6h7h8h9hthjhqhkhas2s3s4s5s6s7s8s9stsjsqsks", |
| @@ -2988,7 +2988,7 @@ page.open(url, function(status) { | |||
| 2988 | events: 48, | 2988 | events: 48, |
| 2989 | bits: 208, | 2989 | bits: 208, |
| 2990 | words: 18, | 2990 | words: 18, |
| 2991 | strength: "extremely strong", | 2991 | strength: "centuries", |
| 2992 | }, | 2992 | }, |
| 2993 | // More than six missing cards does not show message | 2993 | // More than six missing cards does not show message |
| 2994 | { | 2994 | { |
| @@ -2997,7 +2997,7 @@ page.open(url, function(status) { | |||
| 2997 | events: 45, | 2997 | events: 45, |
| 2998 | bits: 195, | 2998 | bits: 195, |
| 2999 | words: 18, | 2999 | words: 18, |
| 3000 | strength: "extremely strong", | 3000 | strength: "centuries", |
| 3001 | }, | 3001 | }, |
| 3002 | // Multiple decks of cards increases bits per event | 3002 | // Multiple decks of cards increases bits per event |
| 3003 | { | 3003 | { |
| @@ -3041,7 +3041,7 @@ page.open(url, function(status) { | |||
| 3041 | events: 33, | 3041 | events: 33, |
| 3042 | bits: 184, | 3042 | bits: 184, |
| 3043 | bitsPerEvent: 5.59, | 3043 | bitsPerEvent: 5.59, |
| 3044 | strength: 'easily cracked - Repeats like "abcabcabc" are only slightly harder to guess than "abc"', | 3044 | strength: 'less than a second - Repeats like "abcabcabc" are only slightly harder to guess than "abc"', |
| 3045 | }, | 3045 | }, |
| 3046 | ]; | 3046 | ]; |
| 3047 | // use entropy | 3047 | // use entropy |