This is a copy of the https://godoc.org/github.com/dchest/passwordcheck web page saved as text. GoDoc Home Index About passwordcheck: github.com/dchest/passwordcheck Index | Files package passwordcheck import "github.com/dchest/passwordcheck" Package passwordcheck is a password and passphrase strength checker based on passwdqc (http://www.openwall.com/passwdqc/). Currently implemented via a CGO-binding to a modified passwdqc. Index Variables type Error func (e *Error) Error() string type Policy func ParsePolicy(config string) (p *Policy, err error) func (p *Policy) Check(newPassword, oldPassword, username []byte) error Package Files passwordcheck.go Variables var ( ErrEmpty = errors.New("empty password") ErrFailed = newError(C.REASON_ERROR) // check failed ErrSame = newError(C.REASON_SAME) // same as the old one ErrSimilar = newError(C.REASON_SIMILAR) // based on the old one ErrShort = newError(C.REASON_SHORT) // too short ErrLong = newError(C.REASON_LONG) // too long ErrSimpleShort = newError(C.REASON_SIMPLESHORT) // not enough different characters or classes for this length ErrSimple = newError(C.REASON_SIMPLE) // not enough different characters of classes ErrPersonal = newError(C.REASON_PERSONAL) // based on user name ErrWord = newError(C.REASON_WORD) // based on a directionary word and not a passphrase ErrSeq = newError(C.REASON_SEQ) // based on a common sequence of characters and not a passphrase ) var DefaultPolicy = &Policy{ Min: [5]int{Disabled, 24, 11, 8, 7}, Max: 1024, PassphraseWords: 3, MatchLength: 4, DenySimilar: true, } DefaultPolicy is the default password strength policy. var Disabled = C.INT_MAX Disabled provides a value for Policy's Min to disable a password kind. type Error type Error struct { // contains filtered or unexported fields } func (*Error) Error func (e *Error) Error() string type Policy type Policy struct { // Min declares the minimum allowed password lengths for different // kinds of passwords and passphrases. // // Constant Disabled can be used to disallow passwords of a given kind // regardless of their length. Each subsequent number is required to be // no larger than the preceding one. // // Min[0] is used for passwords consisting of characters from one // character class only. The character classes are: digits, lower-case // letters, upper-case letters, and other characters. There is also a // special class for non-ASCII characters, which could not be // classified, but are assumed to be non-digits. // // Min[1] is used for passwords consisting of characters from two // character classes that do not meet the requirements for a // passphrase. // // Min[2] is used for passphrases. Note that besides meeting this // length requirement, a passphrase must also consist of a sufficient // number of words (see the PassphraseWords option below). // // Min[3] and Min[4] are used for passwords consisting of characters // from three and four character classes, respectively. Min [5]int // Max is the maximum allowed password length. // // This can be used to prevent users from setting passwords that may be // too long for some system services. Max int // PassphraseWords is the number of words required for a passphrase. // Set to 0 to disable the support for user-chosen passphrases. PassphraseWords int // MatchLength is the length of common substring required to conclude // that a password is at least partially based on information found in // a character string, or 0 to disable the substring search. // // Note that the password will not be rejected once a weak substring is // found; it will instead be subjected to the usual strength // requirements with the weak substring partially discounted. MatchLength int // DenySimilar indicates whether a new password is allowed to be // similar to the old one. // // The passwords are considered to be similar when there is a // sufficiently long common substring and the new password with the // substring partially discounted would be weak. DenySimilar bool } Policy describes a password strength policy. func ParsePolicy func ParsePolicy(config string) (p *Policy, err error) ParsePolicy parses a string describing password policy. The format is similar to passwdqc, but a bit relaxed: min=N0,N1,N2,N3,N4 default: min=disabled,24,11,8,7 max=N default: max=40 passphrase=N default: passphrase=3 match=N default: match=4 similar=permit|deny default: similar=deny Configuration items can be separated by a new line or by space, for example: min=disabled,16,17,18,19 max=20 passphrase=21 match=22 similar=deny The order of items is not important. There must be no spaces or excess commas between min values. Items not present in the string are filled from DefaultPolicy. func (*Policy) Check func (p *Policy) Check(newPassword, oldPassword, username []byte) error Check checks that the new password complies with the policy and returns nil if it does, and Error if not. If old password or user name are not nil, the are also used for checking, for example, to make sure that the new password sufficiently differs from the old one. Package passwordcheck imports 5 packages (graph). Updated 2 years ago. Refresh now. Tools for package owners. Website Issues | Go Language Back to top