computes password strength and checks against a list of common passwords
npm install passwd-strengthSimple password strength calculator. It computes the number of bits of entropy of a given password
and also checks the password against a list of over 30,000 common passwords.
npm install --save passwd-strength
Parameters:
* passwd - the password to test.
Returns:
* The number of bits of entropy (floating point number). Higher is better. 0 is returned when a common passwords such as abc123, password, etc is encountered.
``
"use strict";
var passwdStrength = require('passwd-strength');
app.post('/register', function (req, res, next) {
if (passwdStrength(req.body.passwd) < 29) {
next(new Error('Password not strong enough. Add entropy by increasing the password length and including upper case letters, lower case letters, digits, and punctuation.'));
return;
}
// ...
});
``
RFC4086 has a section on Password Generation
that explains how to determine how much entropy you need.
See LICENSE.md