Data

Tools

Indexes

Applications

Experiments

Open Source Science

zxcvbn-python

Python implementation of Dropbox's realistic password strength estimator

https://github.com/dwolfhub/zxcvbn-python

Science Score: 13.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (9.7%) to scientific vocabulary

Keywords

password python-2 python-3 security zxcvbn

Keywords from Contributors

fuzzing property-based-testing serialize closember ipython notebook repl spec-0 packaging pip
Last synced: 6 months ago · JSON representation

Repository

Python implementation of Dropbox's realistic password strength estimator

Basic Info
  • Host: GitHub
  • Owner: dwolfhub
  • License: mit
  • Language: Python
  • Default Branch: master
  • Size: 8.8 MB
Statistics
  • Stars: 677
  • Watchers: 14
  • Forks: 79
  • Open Issues: 7
  • Releases: 0
Topics
password python-2 python-3 security zxcvbn
Created over 9 years ago · Last pushed about 1 year ago
Metadata Files
Readme Changelog License

README.rst 

|Build Status|

zxcvbn
======

A realistic password strength estimator.

This is a Python implementation of the library created by the team at Dropbox.
The original library, written for JavaScript, can be found
`here `__.

While there may be other Python ports available, this one is the most up
to date and is recommended by the original developers of zxcvbn at this
time.


Features
--------
- **Tested in Python versions 3.8-3.13**
- Accepts user data to be added to the dictionaries that are tested against (name, birthdate, etc)
- Gives a score to the password, from 0 (terrible) to 4 (great)
- Provides feedback on the password and ways to improve it
- Returns time estimates on how long it would take to guess the password in different situations

Installation
------------

Install the package using pip: ``pip install zxcvbn``

Usage
-----

Pass a password as the first parameter, and a list of user-provided
inputs as the ``user_inputs`` parameter (optional).

.. code:: python

    from zxcvbn import zxcvbn

    results = zxcvbn('JohnSmith123', user_inputs=['John', 'Smith'])

    print(results)

Output:

::

    {
        'password': 'JohnSmith123',
        'score': 2,
        'guesses': 2567800,
        'guesses_log10': 6.409561194521849,
        'calc_time': datetime.timedelta(0, 0, 5204)
        'feedback': {
            'warning': '',
            'suggestions': [
                'Add another word or two. Uncommon words are better.',
                "Capitalization doesn't help very much"
            ]
        },
        'crack_times_display': {
            'offline_fast_hashing_1e10_per_second': 'less than a second'
            'offline_slow_hashing_1e4_per_second': '4 minutes',
            'online_no_throttling_10_per_second': '3 days',
            'online_throttling_100_per_hour': '3 years',
        },
        'crack_times_seconds': {
            'offline_fast_hashing_1e10_per_second': 0.00025678,
            'offline_slow_hashing_1e4_per_second': 256.78
            'online_no_throttling_10_per_second': 256780.0,
            'online_throttling_100_per_hour': 92440800.0,
        },
        'sequence': [{
            'matched_word': 'john',
            'rank': 2,
            'pattern': 'dictionary',
            'reversed': False,
            'token': 'John',
            'l33t': False,
            'uppercase_variations': 2,
            'i': 0,
            'guesses': 50,
            'l33t_variations': 1,
            'dictionary_name': 'male_names',
            'base_guesses': 2,
            'guesses_log10': 1.6989700043360185,
            'j': 3
        }, {
            'matched_word': 'smith123',
            'rank': 12789,
            'pattern': 'dictionary',
            'reversed': False,
            'token': 'Smith123',
            'l33t': False,
            'uppercase_variations': 2,
            'i': 4,
            'guesses': 25578,
            'l33t_variations': 1,
            'dictionary_name': 'passwords',
            'base_guesses': 12789,
            'guesses_log10': 4.407866583030775,
            'j': 11
        }],
    }

Another optional argument is ``max_length``, allowing override of the default max password length of 72.
.. code:: python

    from zxcvbn import zxcvbn

    results = zxcvbn('JohnSmith321', user_inputs=['John', 'Smith'], max_length=88)

.. warning::

   We strongly advise against setting ``max_length`` greater than 72,
   as it can lead to long processing times and may leave server-side applications open
   to denial-of-service scenarios.

Custom Ranked Dictionaries
--------------------------

In order to support more languages or just add password dictionaries of your own, there is a helper function you may use.

.. code:: python

    from zxcvbn.matching import add_frequency_lists

    add_frequency_lists({
        'my_list': ['foo', 'bar'],
        'another_list': ['baz']
    })

These lists will be added to the current ones, but you can also overwrite the current ones if you wish.
The lists you add should be in order of how common the word is used with the most common words appearing first.


CLI
~~~

You an also use zxcvbn from the command line::

    echo 'password' | zxcvbn --user-input  | jq

You can include a ``--max-length`` argument::
    echo '' | zxcvbn --max-length 142

You can also execute the zxcvbn module::

    echo 'password' | python -m zxcvbn --user-input  | jq

Contribute
----------

- Report an Issue: https://github.com/dwolfhub/zxcvbn-python/issues
- Submit a Pull Request: https://github.com/dwolfhub/zxcvbn-python/pulls

License
-------

The project is licensed under the MIT license.


.. |Build Status| image:: https://travis-ci.org/dwolfhub/zxcvbn-python.svg?branch=master
   :target: https://travis-ci.org/dwolfhub/zxcvbn-python

Owner

  • Name: Daniel Wolf
  • Login: dwolfhub
  • Kind: user
  • Location: Chicago, IL
  • Company: Punchkick

Developer of large-scale web awesomeness.

GitHub Events

Total
  • Issues event: 9
  • Watch event: 26
  • Issue comment event: 25
  • Push event: 4
  • Pull request review event: 2
  • Pull request event: 18
  • Fork event: 12
  • Create event: 1
Last Year
  • Issues event: 9
  • Watch event: 26
  • Issue comment event: 25
  • Push event: 4
  • Pull request review event: 2
  • Pull request event: 18
  • Fork event: 12
  • Create event: 1

Committers

Last synced: 9 months ago

All Time
  • Total Commits: 163
  • Total Committers: 15
  • Avg Commits per committer: 10.867
  • Development Distribution Score (DDS): 0.319
Past Year
  • Commits: 34
  • Committers: 2
  • Avg Commits per committer: 17.0
  • Development Distribution Score (DDS): 0.029
Top Committers
Name Email Commits
Daniel Wolf d****5@g****m 111
jackbrett m****j@g****m 33
Omer Katz o****w@g****m 4
Thomas Grainger t****n@g****m 3
Stephen J. Fuhry s****e@t****m 2
jason c****4 1
akiriati a****k@d****m 1
Michal Čihař m****l@c****m 1
Matt Goldman m****t@c****m 1
Karthikeyan Singaravelan t****i@g****m 1
Jon Banafato j****o@g****m 1
Harrison Wright m****l@h****e 1
Christophe Vu-Brugier c****r@f****m 1
Alexander Alasjö a****r@a****e 1
Daniel Wolf d****n@w****s 1
Committer Domains (Top 20 + Academic)
wolfco.us: 1 alasjo.se: 1 fastmail.fm: 1 harrisonwright.me: 1 carsandbids.com: 1 cihar.com: 1 dropbox.com: 1 tpastream.com: 1

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 44
  • Total pull requests: 53
  • Average time to close issues: 7 months
  • Average time to close pull requests: 5 months
  • Total issue authors: 39
  • Total pull request authors: 24
  • Average comments per issue: 1.7
  • Average comments per pull request: 1.75
  • Merged pull requests: 32
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 3
  • Pull requests: 19
  • Average time to close issues: 2 months
  • Average time to close pull requests: 12 days
  • Issue authors: 3
  • Pull request authors: 4
  • Average comments per issue: 2.0
  • Average comments per pull request: 0.21
  • Merged pull requests: 8
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
  • graingert (3)
  • alekhood317 (2)
  • dwolfhub (2)
  • rudolphfroger (2)
  • TruncatedDinosour (1)
  • AbsurdlySuspicious (1)
  • nitrocode (1)
  • di (1)
  • Tostino (1)
  • kaselis (1)
  • Lucas-C (1)
  • stalkerg (1)
  • jbeich (1)
  • comradesmith (1)
  • sparrowt (1)
Pull Request Authors
  • musicsnobj (14)
  • dwolfhub (7)
  • thedrow (4)
  • graingert (4)
  • covert-encryption (2)
  • AbsurdlySuspicious (2)
  • fuhrysteve (2)
  • yweber (2)
  • whwright (1)
  • liu-kan (1)
  • robotmlg (1)
  • tirkarthi (1)
  • kent-engstrom (1)
  • septatrix (1)
  • nijel (1)
Top Labels
Issue Labels
help wanted (3) enhancement (2) bug (1)
Pull Request Labels

Packages

  • Total packages: 3
  • Total downloads:
    • pypi 645,034 last-month
  • Total docker downloads: 23,872
  • Total dependent packages: 21
    (may contain duplicates)
  • Total dependent repositories: 462
    (may contain duplicates)
  • Total versions: 32
  • Total maintainers: 3
pypi.org: zxcvbn
  • Versions: 6
  • Dependent Packages: 18
  • Dependent Repositories: 262
  • Downloads: 633,563 Last month
  • Docker Downloads: 22,860
Rankings
Dependent packages count: 0.6%
Downloads: 0.7%
Docker downloads count: 0.7%
Dependent repos count: 0.9%
Average: 1.7%
Stargazers count: 2.5%
Forks count: 4.8%
Maintainers (2)
dwolfpi rpearl
Last synced: 6 months ago
pypi.org: zxcvbn-python
  • Versions: 22
  • Dependent Packages: 3
  • Dependent Repositories: 200
  • Downloads: 11,471 Last month
  • Docker Downloads: 1,012
Rankings
Dependent repos count: 1.1%
Docker downloads count: 2.1%
Dependent packages count: 2.4%
Stargazers count: 2.5%
Average: 2.6%
Downloads: 2.8%
Forks count: 4.5%
Maintainers (1)
dwolfpi
Last synced: 7 months ago
spack.io: py-zxcvbn

A realistic password strength estimator. This is a Python implementation of the library created by the team at Dropbox.

  • Versions: 4
  • Dependent Packages: 0
  • Dependent Repositories: 0
Rankings
Dependent repos count: 0.0%
Stargazers count: 9.4%
Forks count: 13.6%
Average: 20.1%
Dependent packages count: 57.3%
Maintainers (1)
adamjstewart
Last synced: 6 months ago

Dependencies

requirements.txt pypi
  • pytest ==3.5.0
.github/workflows/build.yml actions
  • actions/checkout master composite
  • actions/setup-python v5 composite
setup.py pypi