danpalmer / jquery.complexify.js

Complexify helps you to accurately gauge the quality of a user's password to give them visual feedback, and to enforce a minimum level of security.
http://danpalmer.me/jquery-complexify

Ending with "0" returns 0% complexity in demo #28

Closed (gabel closed this issue 9 years ago)

gabel commented 9 years ago

https://www.danpalmer.me/jquery-complexify

&wasd => 15%
&wasd0 => 0%

Chrome Version 42.0.2311.152 m

danpalmer commented 9 years ago

Ha. So apparently one of the most commonly used passwords is "0". When Complexify uses a banned password list and works in strict mode (i.e. any presence of a banned password means a fail), it finds a 0 and therefore returns a value of 0%.

I think the solution to this is to remove "0" from the default list of banned passwords. We could change the mode to be unstrict by default, but I like that the strict mode essentially helps to 'ban' simple variations on the common passwords.

In the future I might add a 'reason' return value that will allow more useful feedback to the user.
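
Added example (not part of the original thread and not Complexify's own code): a simplified JavaScript model of the strict-mode check described in the comment above, showing why a one-character ban-list entry such as "0" rejects `&wasd0`, together with a small audit that flags entries too short for substring matching. The function names, the sample ban list and the length threshold are assumptions made for illustration.

```javascript
// Simplified model of a banned-password check. Hypothetical names throughout;
// this is not the plugin's source.

// Constructed sample ban list; "0" mirrors the entry discussed in this issue.
const SAMPLE_BAN_LIST = ['password', '123456', 'qwerty', '0'];

// Returns the ban-list entry that rejects the password, or null.
// strict: any banned entry appearing as a substring fails the password.
// loose:  only an exact (case-insensitive) match fails it.
function findBannedEntry(password, banList, mode) {
  const candidate = password.toLowerCase();
  for (const entry of banList) {
    const banned = entry.toLowerCase();
    if (banned.length === 0) continue; // "" is a substring of every password
    const hit = mode === 'strict' ? candidate.includes(banned) : candidate === banned;
    if (hit) return entry;
  }
  return null;
}

// Wraps the match in a result that carries a reason, so a UI can explain
// a rejection instead of only showing 0%.
function checkPassword(password, banList, mode) {
  const entry = findBannedEntry(password, banList, mode);
  if (entry === null) return { banned: false, reason: null };
  const verb = mode === 'strict' ? 'contains' : 'equals';
  return { banned: true, reason: `${verb} banned entry "${entry}"` };
}

// Flags entries shorter than minLength: under substring matching these reject
// many unrelated passwords, so they deserve review before shipping the list.
function auditBanList(banList, minLength) {
  return banList.filter((entry) => entry.length < minLength);
}

// The two inputs from the report, then the list with short entries removed.
console.log(checkPassword('&wasd', SAMPLE_BAN_LIST, 'strict'));
console.log(checkPassword('&wasd0', SAMPLE_BAN_LIST, 'strict'));
const tooShort = auditBanList(SAMPLE_BAN_LIST, 4); // threshold is an assumption
const trimmed = SAMPLE_BAN_LIST.filter((e) => !tooShort.includes(e));
console.log(tooShort, checkPassword('&wasd0', trimmed, 'strict'));
```

Strict mode still rejects simple variations such as `MyPassword1` after the short entry is removed, which is the behaviour the comment above wants to keep.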

danpalmer commented 9 years ago

Thanks for reporting this, I've just fixed it in the next release, 0.5.1.