Password complexity calculator
Page 1 of 2 12 LastLast
Results 1 to 15 of 19

Thread: Password complexity calculator

  1. #1
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,855

    Password complexity calculator

    Something I was playing around with for a tool to roughly calculate the difficulty of guessing a password, just based on types of characters uses and the length of the password. (I.e., it does not try to consider things like dictionary words versus random strings, most commonly used characters, etc.)
    PHP Code:
    /**
     * Calculate the complexity of a password as the possible permutations
     * for the types of characters used and the password length. Does not
     * consider things like dictionary words, common patterns, et cetera
     * 
     * @param string $password
     * @return string (Numeric string from BCMath calculation)
     */
    function PasswordComplexity($password)
    {
        if(
    strlen($password) < 1
        {
            return 
    '0';
        }
        
    $charsets = array(
            
    '/[a-z]/' => 26,
            
    '/[A-Z]/' => 26,
            
    '/\d/' => 10,
            
    '/[^a-zA-Z0-9]/' => 10// kludge for any other characters!
        
    );
        
    $chars 0;
        foreach (
    $charsets as $regex => $num)
        {
            
    $chars += preg_match($regex$password) ? $num 0;
        }
        return 
    bcpow($charsstrlen($password));

    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  2. #2
    Junior Member im_dalecosp's Avatar
    Join Date
    Aug 2016
    Posts
    6
    Proving XKCD right, I see!

  3. #3
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,855
    Quote Originally Posted by im_dalecosp View Post
    Proving XKCD right, I see!
    Yep.
    Code:
    'Tr0ub4dor&3':
      269561249468963094528
    'correcthorsebatterystaple':
      236773830007967588876795164938469376


    Sometimes size does matter.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  4. #4
    Junior Member im_dalecosp's Avatar
    Join Date
    Aug 2016
    Posts
    6
    Hey, if you're a mod can you approve my post in Feedback? (Maybe you're not ...)

  5. #5
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,855
    Quote Originally Posted by im_dalecosp View Post
    Hey, if you're a mod can you approve my post in Feedback? (Maybe you're not ...)
    I'll copy/paste it into the private team forum here, just to keep that stuff out of the public eye.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  6. #6
    Junior Member im_dalecosp's Avatar
    Join Date
    Aug 2016
    Posts
    6
    Heheh, thanks. Perhaps I should remove my avatar ...

  7. #7
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,855
    I posted in the team forum and moved your Feedback thread to our ultra-secret, if-I-told-you-I'd-have-to-shoot-you forum. Hopefully an admin will fix things or be in contact with you soon.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  8. #8
    Junior Member im_dalecosp's Avatar
    Join Date
    Aug 2016
    Posts
    6
    Hey, he did! It took some back-and-forth, but I got my account back. Special thanks to Brad Jones at Quinstreet ...

    I just thought I'd post here and tell you that, Nog! ~~im_dalecosp~~

  9. #9
    Junior Member im_dalecosp's Avatar
    Join Date
    Aug 2016
    Posts
    6
    And since the thread was moved, I can't click "Resolved", but please do know Brad Jones that your hard work is appreciated!!

  10. #10
    phpMaster
    Join Date
    Jun 2005
    Location
    Europe
    Posts
    3,004
    PHP Code:
    $ret PasswordComplexity'zM4(g:Il' );
    echo 
    $ret;
    echo 
    '<br>';
    echo 
    strlen($ret); 
    I like this script.

    As you can see I display the length of the result.
    This gives a better way to compare different results.
    Gives the number of digits in result.
    In this case length is 15 digits.
    Apache-2.4.28 (Win64) / PHP-7.1.10 / MySQL-5.7.19 / phpMyAdmin-4.7.4

  11. #11
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Contact Unit "Coping Mechanism"
    Posts
    22,518
    log10 would be more accurate.
    THERE IS AS YET INSUFFICIENT DATA FOR A MEANINGFUL ANSWER
    FAQs! FAQs! FAQs! Most forums have them!
    Search - Debugging 101 - Collected Solutions - General Guidelines - Getting help at all

  12. #12
    Settled 4 red convertible dalecosp's Avatar
    Join Date
    Jul 2002
    Location
    Accelerating Windows at 9.81 m/s....
    Posts
    8,505
    Hmm.

    Code:
    # tail -f -n1 /var/log/php_error_log
    [29-Sep-2017 09:56:17 America/Chicago] PHP Fatal error:  Call to undefined function bcpow() in /usr/home/admin/scripts/pass_test on line 34
    
    #php -v
    PHP 5.6.25 (cli) (built: Sep  8 2016 11:46:53)
    Copyright (c) 1997-2016 The PHP Group
    Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    Anyone know what's up with that?
    Last edited by dalecosp; 09-29-2017 at 11:02 AM.
    /!!\ mysql_ is deprecated --- don't use it! Tell your hosting company you will switch if they don't upgrade! /!!!\ ereg() is deprecated --- don't use it!

    dalecosp "God doesn't play dice." --- Einstein "Perl is hardly a paragon of beautiful syntax." --- Weedpacket

    Getting Help at All --- Collected Solutions to Common Problems --- Debugging 101 --- Unanswered Posts --- OMBE: Office Machines, Business Equipment

  13. #13
    Settled 4 red convertible dalecosp's Avatar
    Join Date
    Jul 2002
    Location
    Accelerating Windows at 9.81 m/s....
    Posts
    8,505
    Quote Originally Posted by dalecosp View Post
    Hmm.

    Code:
    # tail -f -n1 /var/log/php_error_log
    [29-Sep-2017 09:56:17 America/Chicago] PHP Fatal error:  Call to undefined function bcpow() in /usr/home/admin/scripts/pass_test on line 34
    
    #php -v
    PHP 5.6.25 (cli) (built: Sep  8 2016 11:46:53)
    Copyright (c) 1997-2016 The PHP Group
    Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    Anyone know what's up with that?

    Nevermind. I am ROOT!!!!

    Code:
    sudo pkg install math/php56-bcmath
    /!!\ mysql_ is deprecated --- don't use it! Tell your hosting company you will switch if they don't upgrade! /!!!\ ereg() is deprecated --- don't use it!

    dalecosp "God doesn't play dice." --- Einstein "Perl is hardly a paragon of beautiful syntax." --- Weedpacket

    Getting Help at All --- Collected Solutions to Common Problems --- Debugging 101 --- Unanswered Posts --- OMBE: Office Machines, Business Equipment

  14. #14
    Settled 4 red convertible dalecosp's Avatar
    Join Date
    Jul 2002
    Location
    Accelerating Windows at 9.81 m/s....
    Posts
    8,505
    Quote Originally Posted by Weedpacket View Post
    log10 would be more accurate.
    I don't want to doubt, but you mean using log10 in place of bcpow?

    If so, can you help then to explain (when you have time), the following?

    PHP Code:
    $s "correct horse battery staple";
    $t "yBKcTR98";
    echo 
    "Complexity of 's': " .PasswordComplexity($s);
    echo 
    "\nComplexity of 't': " .PasswordComplexity($t); 
    Code:
    Complexity of 's': 1.5563025007673
    Complexity of 't': 1.7923916894983
    XKCD is wrong?
    /!!\ mysql_ is deprecated --- don't use it! Tell your hosting company you will switch if they don't upgrade! /!!!\ ereg() is deprecated --- don't use it!

    dalecosp "God doesn't play dice." --- Einstein "Perl is hardly a paragon of beautiful syntax." --- Weedpacket

    Getting Help at All --- Collected Solutions to Common Problems --- Debugging 101 --- Unanswered Posts --- OMBE: Office Machines, Business Equipment

  15. #15
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Contact Unit "Coping Mechanism"
    Posts
    22,518
    No, log10 in place of strlen; ceil(log10($ret)) being equivalent to strlen($ret).
    THERE IS AS YET INSUFFICIENT DATA FOR A MEANINGFUL ANSWER
    FAQs! FAQs! FAQs! Most forums have them!
    Search - Debugging 101 - Collected Solutions - General Guidelines - Getting help at all

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •