Skip to content

gmalouf/averruncus

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Averruncus

Averruncus is a library for validating that a password meets a high standard of security. It is implemented in Scala, though the approach should be transferrable to many other languages.

Circle CI

Inspiration

Rick Redman's talk "Your Password Complexity Requirements are Worthless" at AppSecUSA 2014 was the catalyst for building this project.

Getting Averruncus

TODO

Usage

TODO

TODO List

  • Accept username/email address optionally and check that variations of it are not contained in password
  • Regexes preventing the most commons topologies of passwords i.e. 'Broncos1!' style (see video/linked articles)
  • Min topology change between old/new passwords
  • Allowing loading of lists of most widely used passwords on internet to be explicitly blacklisted

Relevant Posts/Articles

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages