bitzesty / devise_zxcvbn

Devise plugin to reject weak passwords using zxcvbn
MIT License
194 stars, 38 forks

Discrepancies in scores between this gem and the original Dropbox module #11

Closed MichaelSid closed 8 years ago

MichaelSid commented 8 years ago

Hi,

I am using this gem in conjunction with the original JS zxcvbn, which is useful for the front-end of my web app.

The problem is I often see different scores for the same passwords, which is strange considering the Ruby one is a port of the JS one. For example:

Ruby: Zxcvbn.test('qwER43@!').score => 1
JS: zxcvbn('qwER43@!').score => 2

Ruby: Zxcvbn.test('Obama!123').score => 1
JS: zxcvbn('Obama!123').score => 3

It seems the JS one is more lenient than the Ruby one. Is anyone familiar with these differences? Am I doing something wrong here?

Thanks, Michael

matthewford commented 8 years ago

Interesting, I have seen some slight discrepancies. We depend on https://github.com/envato/zxcvbn-ruby, so I'll see what's happening upstream. Thanks @MichaelSid for reporting this.

matthewford commented 8 years ago

@MichaelSid OK, so... we've forked that gem and I have a branch which should resolve this issue. I haven't had time to test this out today, but you can check out the branch: https://github.com/bitzesty/devise_zxcvbn/tree/change_zxcvbn

MichaelSid commented 8 years ago

Hi @matthewford thanks a lot. I'm getting a 404 for that link, but it seems like you just merged it into master 4 days ago?

matthewford commented 8 years ago

@MichaelSid yes, sorry, that is now in master.

carlosa-suarez commented 8 years ago

I still have the same problem with ruby-zxcvbn and angular-zxcvbn. Although I updated angular-zxcvbn to the latest one (3.1.1) and zxcvbn JS (4.2.0), I got zxcvbn('qapass@1234').score = 3, while Ruby scored the same password as 1. Any thoughts?

matthewford commented 8 years ago

@carlosa-suarez I'm preparing a new release which should address this issue; we're no longer using ruby-zxcvbn.