Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Empty warnings on score eq 1 #27

Open
verkligheten opened this issue Oct 15, 2019 · 1 comment
Open

Empty warnings on score eq 1 #27

verkligheten opened this issue Oct 15, 2019 · 1 comment

Comments

@verkligheten
Copy link

I'm not really sure that's the right behavior when score of password equal to 1 and there are any warnings.

Zxcvbn.test('vika20021994')
=> #<Zxcvbn::Score:0x00007fc8ab3983e0
 @calc_time=0.002605999994557351,
 @crack_time=9176.328,
 @crack_time_display="4 hours",
 @entropy=27.451,
 @feedback=#<Zxcvbn::Feedback:0x00007fc8ab3a3920 @suggestions=["Add another word or two. Uncommon words are better."], @warning=nil>,
 @match_sequence=
  [#<Zxcvbn::Match pattern="bruteforce", i=0, j=0, token="v", entropy=5.169925001442312, cardinality=36>,
   #<Zxcvbn::Match matched_word="i", token="i", i=1, j=1, rank=2, pattern="dictionary", dictionary_name="english", base_entropy=1.0, uppercase_entropy=0.0, l33t_entropy=0, entropy=1.0>,
   #<Zxcvbn::Match pattern="bruteforce", i=2, j=2, token="k", entropy=5.169925001442312, cardinality=36>,
   #<Zxcvbn::Match matched_word="a", token="a", i=3, j=3, rank=5, pattern="dictionary", dictionary_name="english", base_entropy=2.321928094887362, uppercase_entropy=0.0, l33t_entropy=0, entropy=2.321928094887362>,
   #<Zxcvbn::Match i=4, j=7, token="2002", pattern="year", entropy=6.894817763307944>,
   #<Zxcvbn::Match i=8, j=11, token="1994", pattern="year", entropy=6.894817763307944>],
 @password="vika20021994",
 @score=1>

Could you please clarify this behavior. Thanks
@formigarafa formigarafa mentioned this issue May 27, 2021
Closed
14 tasks
@formigarafa
Copy link

formigarafa commented Feb 24, 2022
edited

The way this tool gives feedback is a bit weird but it is works the same way the original was ported from (dropbox/zxcbn).
Even though the result is not the same as the original tool, the result and feedback format close to the original.

from: https://lowe.github.io/tryzxcvbn/
password: | vika20021994
guesses_log10: | 8.3105
score: | 3 / 4

It not always have a warning and/or a suggestion to give because they usually relate to the provided password and sometimes it just not match anything obviously bad to raise a suggestion or warning.

There may also be some implementation details that differ from the original and if you try another port, you may get something closer of what you expect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@formigarafa @verkligheten