eric: comparison src/eric7/Utilities/PasswordChecker.py

-:82de5109035a
+:95a15b70f7bb
-# -*- coding: utf-8 -*-
-# Copyright (c) 2011 - 2024 Detlev Offenbach <detlev@die-offenbachs.de>
-#
-"""
-Module implementing a checker for password strength.
-"""
-import enum
-import re
-class PasswordStrength(enum.IntEnum):
-"""
-Class defining the password strength.
-"""
-VeryWeak = 0
-Weak = 1
-Good = 2
-Strong = 3
-VeryStrong = 4
-class PasswordCheckStatus(enum.Enum):
-"""
-Class defining the status of a password check.
-"""
-Failed = 0
-Passed = 1
-Exceeded = 2
-class PasswordChecker:
-"""
-Class implementing a checker for password strength.
-"""
-def __init__(self):
-"""
-Constructor
-"""
-self.score = {"count": 0, "adjusted": 0, "beforeRedundancy": 0}
-# complexity index
-self.complexity = {
-"limits": [20, 50, 60, 80, 100],
-"value": PasswordStrength.VeryWeak,
-}
-# check categories follow
-# length of the password
-self.passwordLength = {
-"count": 0,
-"minimum": 6,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.5,  # per character bonus
-"bonus": 10,  # minimum reached? Get a bonus.
-"penalty": -20,  # if we stay under minimum, we get punished
-}
-# recommended password length
-self.recommendedPasswordLength = {
-"count": 0,
-"minimum": 8,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 1.2,
-"bonus": 10,
-"penalty": -10,
-}
-# Basic requirements are:
-# 1) Password Length
-# 2) Uppercase letter use
-# 3) Lowercase letter use
-# 4) Numeric character use
-# 5) Symbol use
-self.basicRequirements = {
-"count": 0,
-"minimum": 3,  # have to be matched to get the bonus
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 1.0,
-"bonus": 10,
-"penalty": -10,
-}
-# how much redundancy is permitted, if the password is
-# long enough. we will skip the redudancy penalty if this
-# number is not exceeded (meaning redundancy < this number)
-self.redundancy = {
-"value": 1,  # 1 means, not double characters,
-# default to start
-"permitted": 2.0,  # 2 means, in average every character
-# can occur twice
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-}
-# number of uppercase letters, such as A-Z
-self.uppercaseLetters = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# number of lowercase letters, such as a-z
-self.lowercaseLetters = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# number of numeric characters
-self.numerics = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# number of symbol characters
-self.symbols = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# number of dedicated symbols in the middle
-self.middleSymbols = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# number of dedicated numbers in the middle
-self.middleNumerics = {
-"count": 0,
-"minimum": 1,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 10,
-"penalty": -10,
-}
-# how many sequential characters should be checked
-# such as "abc" or "MNO" to be not part of the password
-self.sequentialLetters = {
-"data": "abcdefghijklmnopqrstuvwxyz",
-"length": 3,
-"count": 0,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": -1.0,
-"bonus": 0,
-"penalty": -10,
-}
-# how many sequential characters should be checked
-# such as "123" to be not part of the password
-self.sequentialNumerics = {
-"data": "0123456789",
-"length": 3,
-"count": 0,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": -1.0,
-"bonus": 0,
-"penalty": -10,
-}
-# keyboard patterns to check, typical sequences from your
-# keyboard
-self.keyboardPatterns = {
-# German and English keyboard text
-"data": [
-"qwertzuiop",
-"asdfghjkl",
-"yxcvbnm",
-'!"§$%&/()=',  # de
-"1234567890",  # de numbers
-"qaywsxedcrfvtgbzhnujmik,ol.pö-üä+#",  # de up-down
-"qwertyuiop",
-"asdfghjkl",
-"zyxcvbnm",
-"!@#$%^&*()_",  # en
-"1234567890",  # en numbers
-"qazwsxedcrfvtgbyhnujmik,ol.p;/[']\\",  # en up-down
-],
-"length": 4,  # how long is the pattern to check and blame for?
-"count": 0,  # how many of these pattern can be found
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": -1.0,  # each occurrence is punished with that factor
-"bonus": 0,
-"penalty": -10,
-}
-# check for repeated sequences, like in catcat
-self.repeatedSequences = {
-"length": 3,
-"count": 0,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 0,
-"penalty": -10,
-}
-# check for repeated mirrored sequences, like in tactac
-self.mirroredSequences = {
-"length": 3,
-"count": 0,
-"status": PasswordCheckStatus.Failed,
-"rating": 0,
-"factor": 0.0,
-"bonus": 0,
-"penalty": -10,
-}
-self.uppercaseRe = re.compile("[A-Z]")
-self.lowercaseRe = re.compile("[a-z]")
-self.numberRe = re.compile("[0-9]")
-self.symbolRe = re.compile("[^a-zA-Z0-9]")
-def __strReverse(self, string):
-"""
-Private method to reverse a string.
-@param string string to be reversed
-@type str
-@return reversed string
-@rtype str
-"""
-return "".join(reversed(string))
-def __determineStatus(self, value):
-"""
-Private method to determine the status.
-@param value value to check
-@type int
-@return status
-@rtype PasswordCheckStatus
-"""
-if value == 0:
-return PasswordCheckStatus.Passed
-elif value > 0:
-return PasswordCheckStatus.Exceeded
-else:
-return PasswordCheckStatus.Failed
-def __determineBinaryStatus(self, value):
-"""
-Private method to determine a binary status.
-@param value value to check
-@type int
-@return status
-@rtype PasswordCheckStatus
-"""
-if value == 0:
-return PasswordCheckStatus.Passed
-else:
-return PasswordCheckStatus.Failed
-def checkPassword(self, password):
-"""
-Public method to check a given password.
-@param password password to be checked
-@type str
-@return indication for the password strength
-@rtype PasswordStrength
-"""
-# how long is the password?
-self.passwordLength["count"] = len(password)
-self.recommendedPasswordLength["count"] = len(password)
-# Loop through password to check for Symbol, Numeric, Lowercase
-# and Uppercase pattern matches
-for index in range(len(password)):
-if self.uppercaseRe.match(password[index]):
-self.uppercaseLetters["count"] += 1
-elif self.lowercaseRe.match(password[index]):
-self.lowercaseLetters["count"] += 1
-elif self.numberRe.match(password[index]):
-if index > 0 and index < len(password) - 1:
-self.middleNumerics["count"] += 1
-self.numerics["count"] += 1
-elif self.symbolRe.match(password[index]):
-if index > 0 and index < len(password) - 1:
-self.middleSymbols["count"] += 1
-self.symbols["count"] += 1
-# check the variance of symbols or better the redundancy
-# makes only sense for at least two characters
-if len(password) > 1:
-uniqueCharacters = []
-for index1 in range(len(password)):
-found = False
-for index2 in range(index1 + 1, len(password)):
-if password[index1] == password[index2]:
-found = True
-break
-if not found:
-uniqueCharacters.append(password[index1])
-# calculate a redundancy number
-self.redundancy["value"] = len(password) / len(uniqueCharacters)
-# Check for sequential alpha string patterns (forward and reverse)
-# but only, if the string has already a length to check for, does
-# not make sense to check the password "ab" for the sequential data
-# "abc"
-lowercasedPassword = password.lower()
-if self.passwordLength["count"] >= self.sequentialLetters["length"]:
-for index in range(
-len(self.sequentialLetters["data"])
-- self.sequentialLetters["length"]
-+ 1
-):
-fwd = self.sequentialLetters["data"][
-index : index + self.sequentialLetters["length"]
-]
-rev = self.__strReverse(fwd)
-if lowercasedPassword.find(fwd) != -1:
-self.sequentialLetters["count"] += 1
-if lowercasedPassword.find(rev) != -1:
-self.sequentialLetters["count"] += 1
-# Check for sequential numeric string patterns (forward and reverse)
-if self.passwordLength["count"] >= self.sequentialNumerics["length"]:
-for index in range(
-len(self.sequentialNumerics["data"])
-- self.sequentialNumerics["length"]
-+ 1
-):
-fwd = self.sequentialNumerics["data"][
-index : index + self.sequentialNumerics["length"]
-]
-rev = self.__strReverse(fwd)
-if lowercasedPassword.find(fwd) != -1:
-self.sequentialNumerics["count"] += 1
-if lowercasedPassword.find(rev) != -1:
-self.sequentialNumerics["count"] += 1
-# Check common keyboard patterns
-patternsMatched = []
-if self.passwordLength["count"] >= self.keyboardPatterns["length"]:
-for pattern in self.keyboardPatterns["data"]:
-for index in range(len(pattern) - self.keyboardPatterns["length"] + 1):
-fwd = pattern[index : index + self.keyboardPatterns["length"]]
-rev = self.__strReverse(fwd)
-if (
-lowercasedPassword.find(fwd) != -1
-and fwd not in patternsMatched
-):
-self.keyboardPatterns["count"] += 1
-patternsMatched.append(fwd)
-if (
-lowercasedPassword.find(rev) != -1
-and fwd not in patternsMatched
-):
-self.keyboardPatterns["count"] += 1
-patternsMatched.append(rev)
-# Try to find repeated sequences of characters.
-if self.passwordLength["count"] >= self.repeatedSequences["length"]:
-for index in range(
-len(lowercasedPassword) - self.repeatedSequences["length"] + 1
-):
-fwd = lowercasedPassword[
-index : index + self.repeatedSequences["length"]
-]
-if (
-lowercasedPassword.find(
-fwd, index + self.repeatedSequences["length"]
-)
-!= -1
-):
-self.repeatedSequences["count"] += 1
-# Try to find mirrored sequences of characters.
-if self.passwordLength["count"] >= self.mirroredSequences["length"]:
-for index in range(
-len(lowercasedPassword) - self.mirroredSequences["length"] + 1
-):
-fwd = lowercasedPassword[
-index : index + self.mirroredSequences["length"]
-]
-rev = self.__strReverse(fwd)
-if (
-lowercasedPassword.find(
-fwd, index + self.mirroredSequences["length"]
-)
-!= -1
-):
-self.mirroredSequences["count"] += 1
-# Initial score based on length
-self.score["count"] = (
-self.passwordLength["count"] * self.passwordLength["factor"]
-)
-# passwordLength
-# credit additional length or punish "under" length
-if self.passwordLength["count"] >= self.passwordLength["minimum"]:
-# credit additional characters over minimum
-self.passwordLength["rating"] = (
-self.passwordLength["bonus"]
-+ (self.passwordLength["count"] - self.passwordLength["minimum"])
-* self.passwordLength["factor"]
-)
-else:
-self.passwordLength["rating"] = self.passwordLength["penalty"]
-self.score["count"] += self.passwordLength["rating"]
-# recommendedPasswordLength
-# Credit reaching the recommended password length or put a
-# penalty on it
-if self.passwordLength["count"] >= self.recommendedPasswordLength["minimum"]:
-self.recommendedPasswordLength["rating"] = (
-self.recommendedPasswordLength["bonus"]
-+ (
-self.passwordLength["count"]
-- self.recommendedPasswordLength["minimum"]
-)
-* self.recommendedPasswordLength["factor"]
-)
-else:
-self.recommendedPasswordLength["rating"] = self.recommendedPasswordLength[
-"penalty"
-]
-self.score["count"] += self.recommendedPasswordLength["rating"]
-# lowercaseLetters
-# Honor or punish the lowercase letter use
-if self.lowercaseLetters["count"] > 0:
-self.lowercaseLetters["rating"] = (
-self.lowercaseLetters["bonus"]
-+ self.lowercaseLetters["count"] * self.lowercaseLetters["factor"]
-)
-else:
-self.lowercaseLetters["rating"] = self.lowercaseLetters["penalty"]
-self.score["count"] += self.lowercaseLetters["rating"]
-# uppercaseLetters
-# Honor or punish the lowercase letter use
-if self.uppercaseLetters["count"] > 0:
-self.uppercaseLetters["rating"] = (
-self.uppercaseLetters["bonus"]
-+ self.uppercaseLetters["count"] * self.uppercaseLetters["factor"]
-)
-else:
-self.uppercaseLetters["rating"] = self.uppercaseLetters["penalty"]
-self.score["count"] += self.uppercaseLetters["rating"]
-# numerics
-# Honor or punish the numerics use
-if self.numerics["count"] > 0:
-self.numerics["rating"] = (
-self.numerics["bonus"]
-+ self.numerics["count"] * self.numerics["factor"]
-)
-else:
-self.numerics["rating"] = self.numerics["penalty"]
-self.score["count"] += self.numerics["rating"]
-# symbols
-# Honor or punish the symbols use
-if self.symbols["count"] > 0:
-self.symbols["rating"] = (
-self.symbols["bonus"] + self.symbols["count"] * self.symbols["factor"]
-)
-else:
-self.symbols["rating"] = self.symbols["penalty"]
-self.score["count"] += self.symbols["rating"]
-# middleSymbols
-# Honor or punish the middle symbols use
-if self.middleSymbols["count"] > 0:
-self.middleSymbols["rating"] = (
-self.middleSymbols["bonus"]
-+ self.middleSymbols["count"] * self.middleSymbols["factor"]
-)
-else:
-self.middleSymbols["rating"] = self.middleSymbols["penalty"]
-self.score["count"] += self.middleSymbols["rating"]
-# middleNumerics
-# Honor or punish the middle numerics use
-if self.middleNumerics["count"] > 0:
-self.middleNumerics["rating"] = (
-self.middleNumerics["bonus"]
-+ self.middleNumerics["count"] * self.middleNumerics["factor"]
-)
-else:
-self.middleNumerics["rating"] = self.middleNumerics["penalty"]
-self.score["count"] += self.middleNumerics["rating"]
-# sequentialLetters
-# Honor or punish the sequential letter use
-if self.sequentialLetters["count"] == 0:
-self.sequentialLetters["rating"] = (
-self.sequentialLetters["bonus"]
-+ self.sequentialLetters["count"] * self.sequentialLetters["factor"]
-)
-else:
-self.sequentialLetters["rating"] = self.sequentialLetters["penalty"]
-self.score["count"] += self.sequentialLetters["rating"]
-# sequentialNumerics
-# Honor or punish the sequential numerics use
-if self.sequentialNumerics["count"] == 0:
-self.sequentialNumerics["rating"] = (
-self.sequentialNumerics["bonus"]
-+ self.sequentialNumerics["count"] * self.sequentialNumerics["factor"]
-)
-else:
-self.sequentialNumerics["rating"] = self.sequentialNumerics["penalty"]
-self.score["count"] += self.sequentialNumerics["rating"]
-# keyboardPatterns
-# Honor or punish the keyboard patterns use
-if self.keyboardPatterns["count"] == 0:
-self.keyboardPatterns["rating"] = (
-self.keyboardPatterns["bonus"]
-+ self.keyboardPatterns["count"] * self.keyboardPatterns["factor"]
-)
-else:
-self.keyboardPatterns["rating"] = self.keyboardPatterns["penalty"]
-self.score["count"] += self.keyboardPatterns["rating"]
-# Count our basicRequirements and set the status
-self.basicRequirements["count"] = 0
-# password length
-self.passwordLength["status"] = self.__determineStatus(
-self.passwordLength["count"] - self.passwordLength["minimum"]
-)
-if self.passwordLength["status"] != PasswordCheckStatus.Failed:
-# requirement met
-self.basicRequirements["count"] += 1
-# uppercase letters
-self.uppercaseLetters["status"] = self.__determineStatus(
-self.uppercaseLetters["count"] - self.uppercaseLetters["minimum"]
-)
-if self.uppercaseLetters["status"] != PasswordCheckStatus.Failed:
-# requirement met
-self.basicRequirements["count"] += 1
-# lowercase letters
-self.lowercaseLetters["status"] = self.__determineStatus(
-self.lowercaseLetters["count"] - self.lowercaseLetters["minimum"]
-)
-if self.lowercaseLetters["status"] != PasswordCheckStatus.Failed:
-# requirement met
-self.basicRequirements["count"] += 1
-# numerics
-self.numerics["status"] = self.__determineStatus(
-self.numerics["count"] - self.numerics["minimum"]
-)
-if self.numerics["status"] != PasswordCheckStatus.Failed:
-# requirement met
-self.basicRequirements["count"] += 1
-# symbols
-self.symbols["status"] = self.__determineStatus(
-self.symbols["count"] - self.symbols["minimum"]
-)
-if self.symbols["status"] != PasswordCheckStatus.Failed:
-# requirement met
-self.basicRequirements["count"] += 1
-# judge the requirement status
-self.basicRequirements["status"] = self.__determineStatus(
-self.basicRequirements["count"] - self.basicRequirements["minimum"]
-)
-if self.basicRequirements["status"] != PasswordCheckStatus.Failed:
-self.basicRequirements["rating"] = (
-self.basicRequirements["bonus"]
-+ self.basicRequirements["factor"] * self.basicRequirements["count"]
-)
-else:
-self.basicRequirements["rating"] = self.basicRequirements["penalty"]
-self.score["count"] += self.basicRequirements["rating"]
-# beyond basic requirements
-self.recommendedPasswordLength["status"] = self.__determineStatus(
-self.recommendedPasswordLength["count"]
-- self.recommendedPasswordLength["minimum"]
-)
-self.middleNumerics["status"] = self.__determineStatus(
-self.middleNumerics["count"] - self.middleNumerics["minimum"]
-)
-self.middleSymbols["status"] = self.__determineStatus(
-self.middleSymbols["count"] - self.middleSymbols["minimum"]
-)
-self.sequentialLetters["status"] = self.__determineBinaryStatus(
-self.sequentialLetters["count"]
-)
-self.sequentialNumerics["status"] = self.__determineBinaryStatus(
-self.sequentialNumerics["count"]
-)
-self.keyboardPatterns["status"] = self.__determineBinaryStatus(
-self.keyboardPatterns["count"]
-)
-self.repeatedSequences["status"] = self.__determineBinaryStatus(
-self.repeatedSequences["count"]
-)
-self.mirroredSequences["status"] = self.__determineBinaryStatus(
-self.mirroredSequences["count"]
-)
-# we apply them only, if the length is not awesome
-if self.recommendedPasswordLength["status"] != PasswordCheckStatus.Exceeded:
-# repeatedSequences
-# Honor or punish the use of repeated sequences
-if self.repeatedSequences["count"] == 0:
-self.repeatedSequences["rating"] = self.repeatedSequences["bonus"]
-else:
-self.repeatedSequences["rating"] = (
-self.repeatedSequences["penalty"]
-+ self.repeatedSequences["count"] * self.repeatedSequences["factor"]
-)
-# mirroredSequences
-# Honor or punish the use of mirrored sequences
-if self.mirroredSequences["count"] == 0:
-self.mirroredSequences["rating"] = self.mirroredSequences["bonus"]
-else:
-self.mirroredSequences["rating"] = (
-self.mirroredSequences["penalty"]
-+ self.mirroredSequences["count"] * self.mirroredSequences["factor"]
-)
-# save value before redundancy
-self.score["beforeRedundancy"] = self.score["count"]
-# apply the redundancy
-# is the password length requirement fulfilled?
-if (
-self.recommendedPasswordLength["status"] != PasswordCheckStatus.Exceeded
-and self.score["count"] > 0
-):
-# full penalty, because password is not long enough, only for
-# a positive score
-self.score["count"] *= 1.0 / self.redundancy["value"]
-# level it out
-if self.score["count"] > 100:
-self.score["adjusted"] = 100
-elif self.score["count"] < 0:
-self.score["adjusted"] = 0
-else:
-self.score["adjusted"] = self.score["count"]
-# judge it
-for index in range(len(self.complexity["limits"])):
-if self.score["adjusted"] <= self.complexity["limits"][index]:
-self.complexity["value"] = PasswordStrength(index)
-break
-return self.complexity["value"]

Mercurial Repositories > eric / file comparison

comparison: src/eric7/Utilities/PasswordChecker.py

src/eric7/Utilities/PasswordChecker.py