From 3eaf6ace7a6d6ded6139857aa5db58c617df88cc Mon Sep 17 00:00:00 2001 From: Lia Date: Tue, 5 Mar 2024 18:56:55 +0100 Subject: [PATCH 1/2] update Readme --- README.md | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index ad43c00..dd81d6c 100644 --- a/README.md +++ b/README.md @@ -1,42 +1,39 @@ # yxcvbn -[![Version](https://img.shields.io/crates/v/zxcvbn.svg)](https://crates.io/crates/zxcvbn) -[![License](https://img.shields.io/crates/l/zxcvbn.svg)](https://github.com/shssoichiro/zxcvbn-rs/blob/master/LICENSE) +[![License](https://img.shields.io/crates/l/zxcvbn.svg)](https://github.com/Identeco/yxcvbn/blob/master/LICENSE) ## Overview -`zxcvbn` is a password strength estimator based off of Dropbox's zxcvbn library. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (`aaa`), sequences (`abcd`), keyboard patterns (`qwertyuiop`), and l33t speak. +`yxcvbn` is a German and English password strength estimator based on the rust crate [zxcvbn](https://github.com/shssoichiro/zxcvbn-rs), which is based on Dropbox's zxcvbn library. +using pattern matching and conservative estimation, it recognizes and weights -Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}". +- 30k common passwords, +- German and English common names and surnames, +- popular German and English words from Wikipedia, +- and other common patterns such as dates, repeats (`aaa`), sequences (`abcd`), keyboard patterns (`qwertz`, `qwerty`, ...), and l33t speak. -* __More secure__: policies often fail both ways, allowing weak passwords (`P@ssword1`) and disallowing strong passwords. -* __More flexible__: zxcvbn allows many password styles to flourish so long as it detects sufficient complexity — passphrases are rated highly given enough uncommon words, keyboard patterns are ranked based on length and number of turns, and capitalization adds more complexity when it's unpredictable. -* __More usable__: zxcvbn is designed to power simple, rule-free interfaces that give instant feedback. In addition to strength estimation, zxcvbn includes minimal, targeted verbal feedback that can help guide users towards less guessable passwords. +Consider using yxcvbn as an algorithmic alternative to password composition policies — it is more secure, flexible, and usable when sites require a minimal complexity score instead of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}". + +- __More secure__: Policies often fail both ways, allowing weak passwords (`P@ssword1`) and disallowing strong passwords. +- __More flexible__: yxcvbn allows many password styles to flourish as long as it detects sufficient complexity — passphrases are rated highly given enough uncommon words, keyboard patterns are ranked based on length and number of turns, and capitalization adds more complexity when it's unpredictable. +- __More usable__: yxcvbn is designed to power simple, rule-free interfaces that give instant feedback. In addition to strength estimation, yxcvbn includes minimal, targeted verbal feedback that can help guide users towards less guessable passwords. ## Installing -`zxcvbn` can be added to your project's `Cargo.toml` under the `[dependencies]` section, as such: +`yxcvbn` can be added to your project's `Cargo.toml` under the `[dependencies]` section, as such: ```toml [dependencies] -zxcvbn = "2" +yxcvbn = { git = https://github.com/Identeco/yxcvbn/ } ``` -zxcvbn has a "ser" feature flag you can enable if you require serialization support via `serde`. +yxcvbn has a "ser" feature flag you can enable if you require serialization support via `serde`. It is disabled by default to reduce bloat. -zxcvbn follows Semantic Versioning. - -zxcvbn targets the latest stable Rust compiler. -It may compile on earlier versions of the compiler, but is only guaranteed to work on the latest stable. -It should also work on the latest beta and nightly, assuming there are no compiler bugs. - ## Usage -Full API documentation can be found [here](https://docs.rs/zxcvbn/*/zxcvbn/). - -`zxcvbn` exposes one function called `zxcvbn` which can be called to calculate a score (0-4) for a password as well as other relevant information. -`zxcvbn` may also take an array of user inputs (e.g. username, email address, city, state) to provide warnings for passwords containing such information. +`yxcvbn` exposes one function called `zxcvbn` which can be called to calculate a score (0-4) for a password as well as other relevant information. +`yxcvbn` may also take an array of user inputs (e.g. username, email address, city, state) to provide warnings for passwords containing such information. Usage example: @@ -48,6 +45,9 @@ use yxcvbn::zxcvbn; fn main() { let estimate = zxcvbn("correcthorsebatterystaple", &[]).unwrap(); println!("{}", estimate.score()); // 3 + + let estimate = zxcvbn("Gartenhaus123", &[]).unwrap(); + println!("{}", estimate.score()); // 2 } ``` From 36247a46bcd0d4689d57f0919b76a35e57c6a9e8 Mon Sep 17 00:00:00 2001 From: Lia Date: Thu, 7 Mar 2024 14:10:15 +0100 Subject: [PATCH 2/2] fix typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index dd81d6c..86212e2 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ ## Overview `yxcvbn` is a German and English password strength estimator based on the rust crate [zxcvbn](https://github.com/shssoichiro/zxcvbn-rs), which is based on Dropbox's zxcvbn library. -using pattern matching and conservative estimation, it recognizes and weights +Using pattern matching and conservative estimation, it recognizes and weights - 30k common passwords, - German and English common names and surnames,