Skip to content

s-tajima/nspv

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

nspv - NIST SP 800-63B Validator

Go GoDoc Codacy Badge

nspv is a password validation library for Go, compatible with NIST Special Publication 800-63B.

Description

NIST Special Publication 800-63B is a notable guideline for digital identity / authentication.
nspv validates a password with policies based on this guideline. The policies are described below.

  • Ensure the password length. (min 8 characters, max 64 characters, by default)
  • Compare the password against a list that contains values known to be commonly-used, expected, or compromised. (use Have I Been Pwned internally)
  • Judge whether the password could be predicable in the request context. (use Levenshtein Distance)

Installation

go get -u github.com/s-tajima/nspv

Usage

v := nspv.NewValidator()
v.SetDict([]string{"nist-sp-800-63"})

res, err := v.Validate("_sup3r_comp1ex_passw0rd_")
if err != nil {
    // Something wrong with validataion. (e.g. HIBP API Error)
}
if res != nspv.Ok {
    // Validation failure.
}
fmt.Println(result.String()) // Ok

res, _ = v.Validate("short")
fmt.Println(res.String()) // ViolateMinLengthCheck

res, _ = v.Validate("password")
fmt.Println(res.String()) // ViolateHibpCheck

res, _ = v.Validate("n1st-sp-800-63")
fmt.Println(res.String()) // ViolateDictCheck

License

MIT

Author

Satoshi Tajima

About

nspv is a password validation library for Go compatible with NIST Special Publication 800-63B.

Resources

License

Stars

Watchers

Forks

Packages

No packages published