diff --git a/README.md b/README.md index ad43c00..86212e2 100644 --- a/README.md +++ b/README.md @@ -1,42 +1,39 @@ # yxcvbn -[![Version](https://img.shields.io/crates/v/zxcvbn.svg)](https://crates.io/crates/zxcvbn) -[![License](https://img.shields.io/crates/l/zxcvbn.svg)](https://github.com/shssoichiro/zxcvbn-rs/blob/master/LICENSE) +[![License](https://img.shields.io/crates/l/zxcvbn.svg)](https://github.com/Identeco/yxcvbn/blob/master/LICENSE) ## Overview -`zxcvbn` is a password strength estimator based off of Dropbox's zxcvbn library. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (`aaa`), sequences (`abcd`), keyboard patterns (`qwertyuiop`), and l33t speak. +`yxcvbn` is a German and English password strength estimator based on the rust crate [zxcvbn](https://github.com/shssoichiro/zxcvbn-rs), which is based on Dropbox's zxcvbn library. +Using pattern matching and conservative estimation, it recognizes and weights -Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}". +- 30k common passwords, +- German and English common names and surnames, +- popular German and English words from Wikipedia, +- and other common patterns such as dates, repeats (`aaa`), sequences (`abcd`), keyboard patterns (`qwertz`, `qwerty`, ...), and l33t speak. -* __More secure__: policies often fail both ways, allowing weak passwords (`P@ssword1`) and disallowing strong passwords. -* __More flexible__: zxcvbn allows many password styles to flourish so long as it detects sufficient complexity — passphrases are rated highly given enough uncommon words, keyboard patterns are ranked based on length and number of turns, and capitalization adds more complexity when it's unpredictable. -* __More usable__: zxcvbn is designed to power simple, rule-free interfaces that give instant feedback. In addition to strength estimation, zxcvbn includes minimal, targeted verbal feedback that can help guide users towards less guessable passwords. +Consider using yxcvbn as an algorithmic alternative to password composition policies — it is more secure, flexible, and usable when sites require a minimal complexity score instead of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}". + +- __More secure__: Policies often fail both ways, allowing weak passwords (`P@ssword1`) and disallowing strong passwords. +- __More flexible__: yxcvbn allows many password styles to flourish as long as it detects sufficient complexity — passphrases are rated highly given enough uncommon words, keyboard patterns are ranked based on length and number of turns, and capitalization adds more complexity when it's unpredictable. +- __More usable__: yxcvbn is designed to power simple, rule-free interfaces that give instant feedback. In addition to strength estimation, yxcvbn includes minimal, targeted verbal feedback that can help guide users towards less guessable passwords. ## Installing -`zxcvbn` can be added to your project's `Cargo.toml` under the `[dependencies]` section, as such: +`yxcvbn` can be added to your project's `Cargo.toml` under the `[dependencies]` section, as such: ```toml [dependencies] -zxcvbn = "2" +yxcvbn = { git = https://github.com/Identeco/yxcvbn/ } ``` -zxcvbn has a "ser" feature flag you can enable if you require serialization support via `serde`. +yxcvbn has a "ser" feature flag you can enable if you require serialization support via `serde`. It is disabled by default to reduce bloat. -zxcvbn follows Semantic Versioning. - -zxcvbn targets the latest stable Rust compiler. -It may compile on earlier versions of the compiler, but is only guaranteed to work on the latest stable. -It should also work on the latest beta and nightly, assuming there are no compiler bugs. - ## Usage -Full API documentation can be found [here](https://docs.rs/zxcvbn/*/zxcvbn/). - -`zxcvbn` exposes one function called `zxcvbn` which can be called to calculate a score (0-4) for a password as well as other relevant information. -`zxcvbn` may also take an array of user inputs (e.g. username, email address, city, state) to provide warnings for passwords containing such information. +`yxcvbn` exposes one function called `zxcvbn` which can be called to calculate a score (0-4) for a password as well as other relevant information. +`yxcvbn` may also take an array of user inputs (e.g. username, email address, city, state) to provide warnings for passwords containing such information. Usage example: @@ -48,6 +45,9 @@ use yxcvbn::zxcvbn; fn main() { let estimate = zxcvbn("correcthorsebatterystaple", &[]).unwrap(); println!("{}", estimate.score()); // 3 + + let estimate = zxcvbn("Gartenhaus123", &[]).unwrap(); + println!("{}", estimate.score()); // 2 } ```