Skip to content
/ abdi Public

mozilla WebAppSec password storage guidelines in a reusable form

License

Unlicense license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fortytw2/abdi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 
UNLICENSE
UNLICENSE
 
 
abdi.go
abdi.go
 
 
abdi_test.go
abdi_test.go
 
 
blacklist.go
blacklist.go
 
 

Repository files navigation

Abdi

Build Status GoDoc

Hide! - a dead simple library for verifying and hashing passwords, following the Mozilla Password guidelines found here using the prescribed salted bcrypt + hmac.

Contains a 1000 word password Blacklist derived from here

Usage

Install with go get github.com/fortytw2/abdi

Example -

package main

import (
  "fmt"
  "github.com/fortyw2/abdi"
)

func main() {
  // by default, abdi.Hash enforces an 8 character minimum password length
  // change this by changing abdi.MinPasswordLength

  // to change the default Blacklist, simply edit abdi.Blacklist, a []string

  hash, err := abdi.Hash("thispassword", []byte("my hmac key"))
  if err != nil {
    panic(err)
  }

  if err = abdi.Check("thispassword", hash, []byte("my hmac key")); err == nil {
    fmt.Println("Password looks good to me :)")
  }
}

LICENSE

Public Domain, see UNLICENSE

Blacklist.go is not Public Domain - derived from here

About

mozilla WebAppSec password storage guidelines in a reusable form

Resources

Readme

License

Unlicense license
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages