In [1]:
import random
import math
import yaml



In [2]:
# Load password policy from config/policy.yml
def load_policy():
    policy = {
        "min_length": 12,
        "require_upper": True,
        "require_lower": True,
        "require_digits": True,
        "require_special": True,
        "max_breach_count": 0,
        "min_entropy": 60,
        "special_chars": "!@#$%^&*(),.?\":{}|<>"
    }
    return policy

policy = load_policy()



In [3]:
# Function to calculate entropy of a password
def calculate_entropy(password):
    charset_size = 0
    if any(c.islower() for c in password):
        charset_size += 26  # Lowercase letters
    if any(c.isupper() for c in password):
        charset_size += 26  # Uppercase letters
    if any(c.isdigit() for c in password):
        charset_size += 10  # Digits
    if any(c in policy["special_chars"] for c in password):
        charset_size += len(policy["special_chars"])  # Special characters
    
    entropy = math.log2(charset_size ** len(password))
    return round(entropy, 2)  # Round to 2 decimal places




In [4]:
# Function to validate password against policy
def validate_password(password):
    if len(password) < policy["min_length"]:
        return False, f"Password must be at least {policy['min_length']} characters long."
    if policy["require_upper"] and not any(c.isupper() for c in password):
        return False, "Password must contain at least one uppercase letter."
    if policy["require_lower"] and not any(c.islower() for c in password):
        return False, "Password must contain at least one lowercase letter."
    if policy["require_digits"] and not any(c.isdigit() for c in password):
        return False, "Password must contain at least one digit."
    if policy["require_special"] and not any(c in policy["special_chars"] for c in password):
        return False, "Password must contain at least one special character."
    
    entropy = calculate_entropy(password)
    if entropy < policy["min_entropy"]:
        return False, f"Password entropy ({entropy} bits) is too low. Minimum required: {policy['min_entropy']} bits."
    
    return True, "Password meets all security requirements."



In [5]:
# Function to enhance password
def enhance_password(password):
    substitutions = {
        'a': ['@', '4', 'A'], 'b': ['8', 'B'], 'c': ['C', '('],
        'e': ['3', 'E'], 'g': ['9', 'G'], 'i': ['1', '!', 'I'],
        'l': ['1', 'L'], 'o': ['0', 'O'], 's': ['$', '5', 'S'],
        't': ['7', 'T'], 'z': ['2', 'Z'], 'u': ['U', 'ü']
    }
    
    strong_password = ''.join(random.choice(substitutions.get(char, [char])) for char in password)
    special_chars = policy["special_chars"]
    for _ in range(random.randint(1, 3)):
        pos = random.randint(0, len(strong_password))
        strong_password = strong_password[:pos] + random.choice(special_chars) + strong_password[pos:]
    
    return strong_password



In [6]:
# Function to suggest stronger passwords
def suggest_stronger_passwords(password):
    suggestions = []
    for _ in range(3):
        new_password = enhance_password(password)
        suggestions.append(new_password)
    return suggestions



In [9]:
# Example Usage
low_entropy_pw = input("Enter a password: ")
low_entropy_score = calculate_entropy(low_entropy_pw)
valid, message = validate_password(low_entropy_pw)

if not valid:
    print(f"❌ {message}")
    print("🔄 Enhancing password...")
    high_entropy_pw = enhance_password(low_entropy_pw)
    high_entropy_score = calculate_entropy(high_entropy_pw)
    print("🟢 Enhanced High-Entropy Password:", high_entropy_pw, f"(Entropy: {high_entropy_score} bits)")
else:
    print(f"✅ {message}")
    print("🔎 Suggesting stronger variations of your password:")
    for suggestion in suggest_stronger_passwords(low_entropy_pw):
        print(f"🔹 {suggestion} (Entropy: {calculate_entropy(suggestion)} bits)")

✅ Password meets all security requirements.
🔎 Suggesting stronger variations of your password:
🔹 4BCdE@123:4{^56 (Entropy: 95.36 bits)
🔹 |AB(>dE@123456 (Entropy: 89.01 bits)
🔹 A8,(dE@123456 (Entropy: 82.65 bits)
