Scroll to navigation

Data::Password::zxcvbn::MatchList(3pm) User Contributed Perl Documentation Data::Password::zxcvbn::MatchList(3pm)

NAME

Data::Password::zxcvbn::MatchList - a collection of matches for a password

VERSION

version 1.0.4

SYNOPSIS

  use Data::Password::zxcvbn::MatchList;
  my $list = Data::Password::zxcvbn::MatchList->omnimatch($password)
              ->most_guessable_match_list;

DESCRIPTION

zxcvbn estimates the strength of a password by guessing which way a generic password cracker would produce it, and then guessing after how many tries it would produce it.

This class represents a list of guesses ("matches"), covering different substrings of a password.

ATTRIBUTES

"password"

Required string, the password this list is about.

"matches"

Arrayref, the actual list of matches.

"guesses"

The estimated number of attempts that a generic password cracker would need to guess the whole "password". This will be set for objects returned by ""most_guessable_match_list"", not for those returned by ""omnimatch"".

METHODS

"omnimatch"

  my $match_list = Data::Password::zxcvbn::MatchList->omnimatch($password,\%opts);

Main constructor (the name comes from the original JS implementation). Calls "->make($password,\%opts)" on all the "Data::Password::zxcvbn::Match::*" classes (or the ones in "@{$opts{modules}}"), combines all the matches, and returns a "MatchList" holding them.

"most_guessable_match_list"

  my $minimal_list = $match_list->most_guessable_match_list;

This method extracts, from the "matches" of the invocant, a list of non-overlapping matches with minimum guesses. That list should represent the way that a generic password cracker would guess the "password", and as such is the one that the main function will use.

"guesses_log10"

The logarithm in base 10 of ""guesses"".

"score"

  my $score = $match_list->score;

Returns an integer from 0-4 (useful for implementing a strength bar). See "Data::Password::zxcvbn::TimeEstimate::guesses_to_score".

"get_feedback"

  my %feedback = %{ $match_list->get_feedback };
  my %feedback = %{ $match_list->get_feedback($max_score_for_feedback) };

If there's no matches, returns the result of ""feedback_for_no_matches"".

If the match list "score" is above $max_score_for_feedback (default 2), returns the result of ""feedback_above_threshold"".

Otherwise, collects all the feedback from the "matches", and returns it, merged with the result of ""feedback_below_threshold"" (suggestions are appended, but the warning from the matches takes precendence).

"feedback_for_no_matches"

Returns a feedback for when the password didn't match any of our heuristics. It contains no warning, and some simple common suggestions.

"feedback_above_threshold"

Returns a feedback for when the password scored above the threshold passed to ""get_feedback"" (i.e. the password is "good"). It's an empty feedback.

"feedback_below_threshold"

Returns a feedback for when the password scored below the threshold passed to ""get_feedback"" (i.e. the password is "bad"). It suggests to add some words.

AUTHOR

Gianni Ceccarelli <gianni.ceccarelli@broadbean.com>

COPYRIGHT AND LICENSE

This software is copyright (c) 2018 by BroadBean UK, a CareerBuilder Company.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

2020-07-13 perl v5.30.3