nspv - NIST SP 800-63B Validator

nspv is a password validation library for Go, compatible with NIST Special Publication 800-63B.

Description

NIST Special Publication 800-63B is a notable guideline for digital identity / authentication.
nspv validates a password with policies based on this guideline. The policies are described below.

• Ensure the password length. (min 8 characters, max 64 characters, by default)
• Compare the password against a list that contains values known to be commonly-used, expected, or compromised. (use Have I Been Pwned internally)
• Judge whether the password could be predicable in the request context. (use Levenshtein Distance)

Installation

go get -u github.com/s-tajima/nspv

Usage

v := nspv.NewValidator()
v.SetDict([]string{"nist-sp-800-63"})

res, err := v.Validate("_sup3r_comp1ex_passw0rd_")
if err != nil {
    // Something wrong with validataion. (e.g. HIBP API Error)
}
if res != nspv.Ok {
    // Validation failure.
}
fmt.Println(result.String()) // Ok

res, _ = v.Validate("short")
fmt.Println(res.String()) // ViolateMinLengthCheck

res, _ = v.Validate("password")
fmt.Println(res.String()) // ViolateHibpCheck

res, _ = v.Validate("n1st-sp-800-63")
fmt.Println(res.String()) // ViolateDictCheck

License

MIT

Author

Satoshi Tajima