Open cfxegbert opened 4 years ago
Good thing I checked the issue tracker before using this function.
How wrong is this?
Happy to make a pull request but I don't know enough about the maths behind this. Would you have a place to read up on this @cfxegbert ?
Good thing I checked the issue tracker before using this function.
How wrong is this?
Happy to make a pull request but I don't know enough about the maths behind this. Would you have a place to read up on this @cfxegbert ?
The only change to the equation is instead of 2^(-kx) it uses (-k(x - weak_bits)). It just subtracts weak_bits from x. I would have to graph it again to see why the original was incorrect.
Good thing I checked the issue tracker before using this function.
How wrong is this?
Happy to make a pull request but I don't know enough about the maths behind this. Would you have a place to read up on this @cfxegbert ?
Looking at the code again. It states f(x)=0.333 at x=weak_bits. The original equation does not meet that constraint. The original equation is
f(x) = 1 - (1-WEAK_MAX)*2^( -k*x)
At x=weak_bits we want the exponent in 2^(-k*x)
to be zero so the exponential value becomes one. To fix this you have to subtract weak_bits from x
https://github.com/kolypto/py-password-strength/blob/a419c4a1d6e4757792771628c34c7533fe9d2523/password_strength/stats.py#L228
Should be
The constant k becomes