// Password strength meter v1.0 // Matthew R. Miller - 2007 // www.codeandcoffee.com // Based off of code from http://www.intelligent-web.co.uk // Settings // -- Toggle to true or false, if you want to change what is checked in the password var bCheckNumbers = true; var bCheckUpperCase = true; var bCheckLowerCase = true; var bCheckPunctuation = true; var nPasswordLifetime = 365; String.prototype.strReverse = function() { var newstring = ""; for (var s=0; s < this.length; s++) { newstring = this.charAt(s) + newstring; } return newstring; //strOrig = ' texttotrim '; //strReversed = strOrig.revstring(); }; function chkPwd(pwd) { var nScore = 0; var nLength = 0; var nAlphaUC = 0; var nAlphaLC = 0; var nNumber = 0; var nSymbol = 0; var nMidChar = 0; var nRequirements = 0; var nAlphasOnly = 0; var nNumbersOnly = 0; var nRepChar = 0; var nConsecAlphaUC = 0; var nConsecAlphaLC = 0; var nConsecNumber = 0; var nConsecSymbol = 0; var nConsecCharType = 0; var nSeqAlpha = 0; var nSeqNumber = 0; var nSeqChar = 0; var nReqChar = 0; var nReqCharType = 3; var nMultLength = 4; var nMultAlphaUC = 1; var nMultAlphaLC = 1; var nMultNumber = 2; var nMultSymbol = 2; var nMultMidChar = 2; var nMultRequirements = 2; var nMultRepChar = 1; var nMultConsecAlphaUC = 2; var nMultConsecAlphaLC = 2; var nMultConsecNumber = 2; var nMultConsecSymbol = 1; var nMultConsecCharType = 0; var nMultSeqAlpha = 3; var nMultSeqNumber = 3; var nTmpAlphaUC = ""; var nTmpAlphaLC = ""; var nTmpNumber = ""; var nTmpSymbol = ""; var sAlphaUC = "    0"; var sAlphaLC = "    0"; var sNumber = "    0"; var sSymbol = "    0"; var sMidChar = "    0"; var sRequirements = "    0"; var sAlphasOnly = "    0"; var sNumbersOnly = "    0"; var sRepChar = "    0"; var sConsecAlphaUC = "    0"; var sConsecAlphaLC = "    0"; var sConsecNumber = "    0"; var sSeqAlpha = "    0"; var sSeqNumber = "    0"; var sAlphas = "abcdefghijklmnopqrstuvwxyz"; var sNumerics = "01234567890"; var sComplexity = "Too Short"; var sStandards = "Below"; var nMinPwdLen = 6; if (document.all) { var nd = 0; } else { var nd = 1; } if (pwd) { nScore = parseInt(pwd.length * nMultLength); nLength = pwd.length; var arrPwd = pwd.replace (/\s+/g,"").split(/\s*/); var arrPwdLen = arrPwd.length; /* Loop through password to check for Symbol, Numeric, Lowercase and Uppercase pattern matches */ for (var a=0; a < arrPwdLen; a++) { if (arrPwd[a].match(new RegExp(/[A-Z]/g))) { if (nTmpAlphaUC !== "") { if ((nTmpAlphaUC + 1) == a) { nConsecAlphaUC++; nConsecCharType++; } } nTmpAlphaUC = a; nAlphaUC++; } else if (arrPwd[a].match(new RegExp(/[a-z]/g))) { if (nTmpAlphaLC !== "") { if ((nTmpAlphaLC + 1) == a) { nConsecAlphaLC++; nConsecCharType++; } } nTmpAlphaLC = a; nAlphaLC++; } else if (arrPwd[a].match(new RegExp(/[0-9]/g))) { if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; } if (nTmpNumber !== "") { if ((nTmpNumber + 1) == a) { nConsecNumber++; nConsecCharType++; } } nTmpNumber = a; nNumber++; } else if (arrPwd[a].match(new RegExp(/[^a-zA-Z0-9_]/g))) { if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; } if (nTmpSymbol !== "") { if ((nTmpSymbol + 1) == a) { nConsecSymbol++; nConsecCharType++; } } nTmpSymbol = a; nSymbol++; } /* Internal loop through password to check for repeated characters */ for (var b=0; b < arrPwdLen; b++) { if (arrPwd[a].toLowerCase() == arrPwd[b].toLowerCase() && a != b) { nRepChar++; } } } /* Check for sequential alpha string patterns (forward and reverse) */ for (var s=0; s < 23; s++) { var sFwd = sAlphas.substring(s,parseInt(s+3)); var sRev = sFwd.strReverse(); if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqAlpha++; nSeqChar++;} } /* Check for sequential numeric string patterns (forward and reverse) */ for (var s=0; s < 8; s++) { var sFwd = sNumerics.substring(s,parseInt(s+3)); var sRev = sFwd.strReverse(); if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqNumber++; nSeqChar++;} } /* Modify overall score value based on usage vs requirements */ /* General point assignment */ if (nAlphaUC > 0 && nAlphaUC < nLength) { nScore = parseInt(nScore + ((nLength - nAlphaUC) * 2)); sAlphaUC = "+ " + parseInt((nLength - nAlphaUC) * 2); } if (nAlphaLC > 0 && nAlphaLC < nLength) { nScore = parseInt(nScore + ((nLength - nAlphaLC) * 2)); sAlphaLC = "+ " + parseInt((nLength - nAlphaLC) * 2); } if (nNumber > 0 && nNumber < nLength) { nScore = parseInt(nScore + (nNumber * nMultNumber)); sNumber = "+ " + parseInt(nNumber * nMultNumber); } if (nSymbol > 0) { nScore = parseInt(nScore + (nSymbol * nMultSymbol)); sSymbol = "+ " + parseInt(nSymbol * nMultSymbol); } if (nMidChar > 0) { nScore = parseInt(nScore + (nMidChar * nMultMidChar)); sMidChar = "+ " + parseInt(nMidChar * nMultMidChar); } /* Point deductions for poor practices */ if ((nAlphaLC > 0 || nAlphaUC > 0) && nSymbol === 0 && nNumber === 0) { // Only Letters nScore = parseInt(nScore - nLength); nAlphasOnly = nLength; sAlphasOnly = "- " + nLength; } if (nAlphaLC === 0 && nAlphaUC === 0 && nSymbol === 0 && nNumber > 0) { // Only Numbers nScore = parseInt(nScore - nLength); nNumbersOnly = nLength; sNumbersOnly = "- " + nLength; } if (nRepChar > 0) { // Same character exists more than once nScore = parseInt(nScore - (nRepChar * nRepChar)); sRepChar = "- " + nRepChar; } if (nConsecAlphaUC > 0) { // Consecutive Uppercase Letters exist nScore = parseInt(nScore - (nConsecAlphaUC * nMultConsecAlphaUC)); sConsecAlphaUC = "- " + parseInt(nConsecAlphaUC * nMultConsecAlphaUC); } if (nConsecAlphaLC > 0) { // Consecutive Lowercase Letters exist nScore = parseInt(nScore - (nConsecAlphaLC * nMultConsecAlphaLC)); sConsecAlphaLC = "- " + parseInt(nConsecAlphaLC * nMultConsecAlphaLC); } if (nConsecNumber > 0) { // Consecutive Numbers exist nScore = parseInt(nScore - (nConsecNumber * nMultConsecNumber)); sConsecNumber = "- " + parseInt(nConsecNumber * nMultConsecNumber); } if (nSeqAlpha > 0) { // Sequential alpha strings exist (3 characters or more) nScore = parseInt(nScore - (nSeqAlpha * nMultSeqAlpha)); sSeqAlpha = "- " + parseInt(nSeqAlpha * nMultSeqAlpha); } if (nSeqNumber > 0) { // Sequential numeric strings exist (3 characters or more) nScore = parseInt(nScore - (nSeqNumber * nMultSeqNumber)); sSeqNumber = "- " + parseInt(nSeqNumber * nMultSeqNumber); } /* Determine if mandatory requirements have been met and set image indicators accordingly */ var arrChars = [nLength,nAlphaUC,nAlphaLC,nNumber,nSymbol]; var arrCharsIds = ["nLength","nAlphaUC","nAlphaLC","nNumber","nSymbol"]; var arrCharsLen = arrChars.length; for (var c=0; c < arrCharsLen; c++) { if (arrCharsIds[c] == "nLength") { var minVal = parseInt(nMinPwdLen - 1); } else { var minVal = 0; } if (arrChars[c] == parseInt(minVal + 1)) { nReqChar++; } else if (arrChars[c] > parseInt(minVal + 1)) { nReqChar++; } } nRequirements = nReqChar; if (pwd.length >= nMinPwdLen) { var nMinReqChars = 3; } else { var nMinReqChars = 4; } if (nRequirements > nMinReqChars) { // One or more required characters exist nScore = parseInt(nScore + (nRequirements * 2)); sRequirements = "+ " + parseInt(nRequirements * 2); } /* Determine if additional bonuses need to be applied and set image indicators accordingly */ var arrChars = [nMidChar,nRequirements]; var arrCharsIds = ["nMidChar","nRequirements"]; var arrCharsLen = arrChars.length; /* Determine if suggested requirements have been met and set image indicators accordingly */ var arrChars = [nAlphasOnly,nNumbersOnly,nRepChar,nConsecAlphaUC,nConsecAlphaLC,nConsecNumber,nSeqAlpha,nSeqNumber]; var arrCharsIds = ["nAlphasOnly","nNumbersOnly","nRepChar","nConsecAlphaUC","nConsecAlphaLC","nConsecNumber","nSeqAlpha","nSeqNumber"]; var arrCharsLen = arrChars.length; } if (nScore > 100) { nScore = 100; } else if (nScore < 0) { nScore = 0; } return nScore; } // Check password function checkPassword(strPassword) { // Reset combination count nCombinations = 0; // Check numbers if (bCheckNumbers) { strCheck = "0123456789"; if (doesContain(strPassword, strCheck) > 0) { nCombinations += strCheck.length; } } // Check upper case if (bCheckUpperCase) { strCheck = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; if (doesContain(strPassword, strCheck) > 0) { nCombinations += strCheck.length; } } // Check lower case if (bCheckLowerCase) { strCheck = "abcdefghijklmnopqrstuvwxyz"; if (doesContain(strPassword, strCheck) > 0) { nCombinations += strCheck.length; } } // Check punctuation if (bCheckPunctuation) { strCheck = ";:-_=+\|//?^&!.@$£#*()%~<>{}[]"; if (doesContain(strPassword, strCheck) > 0) { nCombinations += strCheck.length; } } // Calculate // -- 500 tries per second => minutes var nDays = ((Math.pow(nCombinations, strPassword.length) / 500) / 2) / 86400; // Number of days out of password lifetime setting var nPerc = nDays / nPasswordLifetime; return nPerc; } // Runs password through check and then updates GUI function runPassword(strPassword) { /* // Check password nPerc = checkPassword(strPassword); //console.log(nPerc); // Set new width var nRound = Math.round(nPerc * 100); if (nRound < (strPassword.length * 5)) { nRound += strPassword.length * 5; } if (nRound > 100) nRound = 100; // console.log(nRound); // Color and text */ var nRound = chkPwd(strPassword); if (nRound > 40) { document.getElementById('sic1').className="regline colore5 on"; document.getElementById('sic2').className="regline colore5 on"; document.getElementById('sic3').className="regline colore5 on"; } else if (nRound > 20) { document.getElementById('sic1').className="regline colore5 on"; document.getElementById('sic2').className="regline colore5 on"; document.getElementById('sic3').className="regline colore5"; } else if (nRound >= 0 ) { document.getElementById('sic1').className="regline colore5 on"; document.getElementById('sic2').className="regline colore5"; document.getElementById('sic3').className="regline colore5"; } else { document.getElementById('sic1').className="regline colore5"; document.getElementById('sic2').className="regline colore5"; document.getElementById('sic3').className="regline colore5"; } } // Checks a string for a list of characters function doesContain(strPassword, strCheck) { nCount = 0; for (i = 0; i < strPassword.length; i++) { if (strCheck.indexOf(strPassword.charAt(i)) > -1) { nCount++; } } return nCount; }