Skip to content

edoardottt/pwdsafety

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

425 Commits

.github

.github

 
 

cmd/pwdsafety

cmd/pwdsafety

 
 

internal

internal

 
 

pkg

pkg

 
 

.gitignore

.gitignore

 
 

.golangci.yml

.golangci.yml

 
 

.goreleaser.yaml

.goreleaser.yaml

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

make.bat

make.bat

 
 

snapcraft.yaml

snapcraft.yaml

 
 

Repository files navigation


Command line tool that checks how much a password is safe
Coded with 💙 by edoardottt.

Mainteinance yes pr-welcome ask me anything go-report-card
workflows ubuntu-build license-GPL3

Get StartedDescriptionScoringContributingChangelog

This tool doesn't store any information!
Never use personal information in your password!

  • Use a password manager (I recommend bitwarden)
  • Don't use the same password for different services
  • Enable 2FA wherever possible

Get Started 🎉

Snap

sudo snap install pwdsafety

Go1.17+

go install -v github.com/edoardottt/pwdsafety@latest

From source

  • First of all, clone the repo locally

    • git clone https://github.com/edoardottt/pwdsafety.git

  • pwdsafety has external dependencies, so they need to be pulled in:

    • cd pwdsafety/cmd && go get && cd ..

  • Linux (Requires high perms, run with sudo)

    • make linux (to install)

    • make unlinux (to uninstall)

  • Windows (executable works only in pwdsafety folder. Alias?)

    • make windows (to install)

    • make unwindows (to uninstall)

Description 🔦

It reads from standard input the entered password.
First, it searches if the password or the password reversed is a well known pwd.
Then, just do little calculations, checking if the basic rules are respected, like if there are UPPERCASE CHARS, lowercase chars, numb3rs and symbols.
It stores the length of the password and the ratio [unique different chars / total chars].
It calculates then the entropy of a password.
Password entropy is a measurement of how unpredictable a password is.
The formula for entropy is:
formula

Where:

  • E = password entropy
  • R = pool of unique characters
  • L = number of characters in your password
  • Then R^L = the number of possible passwords

When the score <= 68(reasonable) it generates a random password.

Scoring 💯

Max score: 100

Scores:

  • Very weak: 0 - 35
  • Weak: 36 - 59
  • Reasonable: 60 - 68
  • Strong: 69 - 80
  • Very strong: 81 -100

Scoring parameters:

  • Found in known password
  • Found in known password reversed
  • Password composition:
    • numbers
    • symbols
    • uppercase
    • lowercase
  • Unique different characters
  • Length
  • Entropy

Contributing 🛠

Just open an issue / pull request.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren't errors, go ahead :)

See also CONTRIBUTING.md and CODE OF CONDUCT.md

Thanks to fabaff and ecnepsnai.

Changelog 📌

Detailed changes for each release are documented in the release notes.

License 📝

This repository is under GNU General Public License v3.0.
edoardoottavianelli.it to contact me.

About

🔒command line tool checking password safety🔒

edoardoottavianelli.it

Topics

linux cli golang security password-generator password password-strength password-safety password-hash safety infosec passwords command-line-tool pwd pwdhash security-scanner golang-application security-tools pwd-safety password-entropy

Resources

Readme

License

GPL-3.0 license

Code of conduct

Code of conduct
Activity

Stars

61 stars

Watchers

5 watching

Forks

13 forks
Report repository

Releases 8

v0.4.0 Latest
Apr 19, 2024
+ 7 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Contributors 3

  •  
  •  
  •  

Languages