includes/clientside/static/pwstrength.js
author Dan
Wed, 19 Sep 2007 13:26:42 -0400
changeset 138 13561bde2e2c
parent 134 175776498ef1
permissions -rw-r--r--
SECURITY: Fix unescaped SQL in paths.php rebuild_page_index()
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
134
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     1
/*
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     2
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     3
 * Copyright (C) 2006-2007 Dan Fuhry
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     4
 * pwstrength - Password evaluation and strength testing algorithm
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     5
 *
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     6
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     7
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     8
 *
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
     9
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    10
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    11
 */
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    12
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    13
function password_score_len(password)
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    14
{
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    15
  if ( typeof(password) != "string" )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    16
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    17
    return -10;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    18
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    19
  var len = password.length;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    20
  var score = len - 7;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    21
  return score;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    22
}
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    23
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    24
function password_score(password)
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    25
{
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    26
  if ( typeof(password) != "string" )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    27
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    28
    return -10;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    29
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    30
  var score = 0;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    31
  var debug = [];
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    32
  // length check
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    33
  var lenscore = password_score_len(password);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    34
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    35
  debug.push(''+lenscore+' points for length');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    36
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    37
  score += lenscore;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    38
    
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    39
  var has_upper_lower = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    40
  var has_symbols     = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    41
  var has_numbers     = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    42
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    43
  // contains uppercase and lowercase
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    44
  if ( password.match(/[A-z]+/) && password.toLowerCase() != password )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    45
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    46
    score += 1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    47
    has_upper_lower = true;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    48
    debug.push('1 point for having uppercase and lowercase');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    49
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    50
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    51
  // contains symbols
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    52
  if ( password.match(/[^A-z0-9]+/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    53
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    54
    score += 1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    55
    has_symbols = true;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    56
    debug.push('1 point for having nonalphanumeric characters (matching /[^A-z0-9]+/)');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    57
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    58
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    59
  // contains numbers
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    60
  if ( password.match(/[0-9]+/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    61
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    62
    score += 1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    63
    has_numbers = true;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    64
    debug.push('1 point for having numbers');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    65
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    66
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    67
  if ( has_upper_lower && has_symbols && has_numbers && password.length >= 9 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    68
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    69
    // if it has uppercase and lowercase letters, symbols, and numbers, and is of considerable length, add some serious points
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    70
    score += 4;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    71
    debug.push('4 points for having uppercase and lowercase, numbers, and nonalphanumeric and being more than 8 characters');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    72
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    73
  else if ( has_upper_lower && has_symbols && has_numbers && password.length >= 6 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    74
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    75
    // still give some points for passing complexity check
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    76
    score += 2;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    77
    debug.push('2 points for having uppercase and lowercase, numbers, and nonalphanumeric');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    78
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    79
  else if(( ( has_upper_lower && has_symbols ) ||
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    80
            ( has_upper_lower && has_numbers ) ||
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    81
            ( has_symbols && has_numbers ) ) && password.length >= 6 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    82
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    83
    // if 2 of the three main complexity checks passed, add a point
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    84
    score += 1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    85
    debug.push('1 point for having 2 of 3 complexity checks');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    86
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    87
  else if ( ( !has_upper_lower && !has_numbers && has_symbols ) ||
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    88
            ( !has_upper_lower && !has_symbols && has_numbers ) ||
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    89
            ( !has_numbers && !has_symbols && has_upper_lower ) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    90
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    91
    score += -2;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    92
    debug.push('-2 points for only meeting 1 complexity check');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    93
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    94
  else if ( password.match(/^[0-9]*?([a-z]+)[0-9]?$/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    95
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    96
    // password is something like magnum1 which will be cracked in seconds
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    97
    score += -4;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    98
    debug.push('-4 points for being of the form [number][word][number], which is easily cracked');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
    99
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   100
  else if ( !has_upper_lower && !has_numbers && !has_symbols )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   101
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   102
    // this is if somehow the user inputs a password that doesn't match the rule above, but still doesn't contain upper and lowercase, numbers, or symbols
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   103
    debug.push('-3 points for not meeting any complexity checks');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   104
    score += -3;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   105
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   106
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   107
  //
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   108
  // Repetition
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   109
  // Example: foobar12345 should be deducted points, where f1o2o3b4a5r should be given points
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   110
  // None of the positive ones kick in unless the length is at least 8
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   111
  //
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   112
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   113
  if ( password.match(/([A-Z][A-Z][A-Z][A-Z]|[a-z][a-z][a-z][a-z])/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   114
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   115
    debug.push('-2 points for having more than 4 letters of the same case in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   116
    score += -2;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   117
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   118
  else if ( password.match(/([A-Z][A-Z][A-Z]|[a-z][a-z][a-z])/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   119
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   120
    debug.push('-1 points for having more than 3 letters of the same case in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   121
    score += -1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   122
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   123
  else if ( password.match(/[A-z]/) && !password.match(/([A-Z][A-Z][A-Z]|[a-z][a-z][a-z])/) && password.length >= 8 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   124
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   125
    debug.push('1 point for never having more than 2 letters of the same case in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   126
    score += 1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   127
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   128
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   129
  if ( password.match(/[0-9][0-9][0-9][0-9]/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   130
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   131
    debug.push('-2 points for having 4 or more numbers in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   132
    score += -2;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   133
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   134
  else if ( password.match(/[0-9][0-9][0-9]/) )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   135
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   136
    debug.push('-1 points for having 3 or more numbers in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   137
    score += -1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   138
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   139
  else if ( has_numbers && !password.match(/[0-9][0-9][0-9]/) && password.length >= 8 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   140
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   141
    debug.push('1 point for never more than 2 numbers in a row');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   142
    score += -1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   143
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   144
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   145
  // make passwords like fooooooooooooooooooooooooooooooooooooo totally die by subtracting a point for each character repeated at least 3 times in a row
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   146
  var prev_char = '';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   147
  var warn = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   148
  var loss = 0;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   149
  for ( var i = 0; i < password.length; i++ )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   150
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   151
    var chr = password.substr(i, 1);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   152
    if ( chr == prev_char && warn )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   153
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   154
      loss += -1;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   155
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   156
    else if ( chr == prev_char && !warn )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   157
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   158
      warn = true;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   159
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   160
    else if ( chr != prev_char && warn )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   161
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   162
      warn = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   163
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   164
    prev_char = chr;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   165
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   166
  if ( loss < 0 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   167
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   168
    debug.push(''+loss+' points for immediate character repetition');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   169
    score += loss;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   170
    // this can bring the score below -10 sometimes
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   171
    if ( score < -10 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   172
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   173
      debug.push('Score set to -10 because it went below that floor');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   174
      score = -10;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   175
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   176
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   177
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   178
  var debug_txt = "<b>How this score was calculated</b>\nYour score was tallied up based on an extensive algorithm which outputted\nthe following scores based on traits of your password. Above you can see the\ncomposite score; your individual scores based on certain tests are below.\n\nThe scale is open-ended, with a minimum score of -10. 10 is very strong, 4\nis strong, 1 is good and -3 is fair. Below -3 scores \"Weak.\"\n\n";
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   179
  for ( var i = 0; i < debug.length; i++ )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   180
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   181
    debug_txt += debug[i] + "\n";
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   182
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   183
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   184
  if ( window.console )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   185
    window.console.info(debug_txt);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   186
  else if ( document.getElementById('passdebug') )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   187
    document.getElementById('passdebug').innerHTML = debug_txt;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   188
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   189
  return score;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   190
}
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   191
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   192
function password_score_draw(score)
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   193
{
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   194
  // some colors are from the Gmail sign-up form
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   195
  if ( score >= 10 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   196
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   197
    var color = '#000000';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   198
    var fgcolor = '#666666';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   199
    var str = 'Very strong (score: '+score+')';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   200
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   201
  else if ( score > 3 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   202
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   203
    var color = '#008000';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   204
    var fgcolor = '#004000';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   205
    var str = 'Strong (score: '+score+')';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   206
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   207
  else if ( score >= 1 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   208
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   209
    var color = '#6699cc';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   210
    var fgcolor = '#4477aa';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   211
    var str = 'Good (score: '+score+')';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   212
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   213
  else if ( score >= -3 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   214
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   215
    var color = '#f5ac00';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   216
    var fgcolor = '#ffcc33';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   217
    var str = 'Fair (score: '+score+')';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   218
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   219
  else
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   220
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   221
    var color = '#aa0033';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   222
    var fgcolor = '#FF6060';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   223
    var str = 'Weak (score: '+score+')';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   224
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   225
  return {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   226
    color: color,
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   227
    fgcolor: fgcolor,
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   228
    str: str
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   229
  };
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   230
}
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   231
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   232
function password_score_field(field)
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   233
{
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   234
  var indicator = false;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   235
  if ( field.nextSibling )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   236
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   237
    if ( field.nextSibling.className == 'password-checker' )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   238
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   239
      indicator = field.nextSibling;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   240
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   241
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   242
  if ( !indicator )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   243
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   244
    var indicator = document.createElement('span');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   245
    indicator.className = 'password-checker';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   246
    if ( field.nextSibling )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   247
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   248
      field.parentNode.insertBefore(indicator, field.nextSibling);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   249
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   250
    else
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   251
    {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   252
      field.parentNode.appendChild(indicator);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   253
    }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   254
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   255
  var score = password_score(field.value);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   256
  var data = password_score_draw(score);
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   257
  indicator.style.color = data.color;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   258
  indicator.style.fontWeight = 'bold';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   259
  indicator.innerHTML = ' ' + data.str;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   260
  
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   261
  if ( document.getElementById('pwmeter') )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   262
  {
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   263
    var div = document.getElementById('pwmeter');
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   264
    div.style.width = '250px';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   265
    score += 10;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   266
    if ( score > 25 )
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   267
      score = 25;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   268
    div.style.backgroundColor = data.color;
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   269
    var width = Math.round( score * (250 / 25) );
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   270
    div.innerHTML = '<div style="width: '+width+'px; background-color: '+data.fgcolor+'; height: 8px;"></div>';
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   271
  }
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   272
}
175776498ef1 Oops - forgot to add pwstrength.js
Dan
parents:
diff changeset
   273