Take no risk and help your users to choose good passwords!
Ruby JavaScript CSS HTML
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
app/assets
lib
spec
.gitignore
Gemfile
Gemfile.lock
LICENSE
README.rdoc
Rakefile Simplify gem description Jun 25, 2013
pwdcalc.gemspec

README.rdoc

pwdcalc

Improve the user experience and security of your web application within just a few seconds by installing the pwdcalc gem. It extends your password fields with a strength bar and hint, enforcing a minimum complexity for security reasons.

Take no risk and help your users to choose good passwords!

Installation

Add pwdcalc to your Gemfile and bundle it up:

gem 'pwdcalc', :git => 'https://github.com/trimentor/pwdcalc.git'

Run the following command to install it:

bundle install

Run the installation generator:

rails g pwdcalc:install

Usage

Add the following directives to your JavaScript manifest file:

//= require jquery.YAPSM.min
//= require jquery.pwdcalc

Add the following directives to your CSS manifest file:

*= require pwdcalc

Use +Pwdcalc::FormBuilder+ to automatically create password field/-strength meter combinations:

<%= form_for @user, builder: Pwdcalc::FormBuilder do |f| %>
  <div class="field">
    <%= f.label :username %><br>
    <%= text_field :username %>
  </div>

  <div class="field pwdcalc-form-group">
    <%= f.label :password %><br>
    <%= f.password_field :password %>
  </div>

  <div class="actions">
    <%= f.submit %>
  </div>
<% end %>

NOTE: It's required to wrap the control in pwdcalc-form-group.

Localized Hints

Add the following line somewhere inside your view (e.g. at the bottom of your form):

<%= pwdcalc_translated_hints %>

Dictionary Attacks

Many people have a tendency to choose passwords which are short, single words found in dictionaries or simple, easily-predicted variations on words, vulnerable for dictionary attacks.

It's easy to provide a list of obvious passwords. Just add the data-dictionary attribute to the input field:

<%= f.password_field, :data => { :dictionary => 'obviousPasswords()' } %>

Keep in mind that the value should evaluate to an array.

Events

The pwdcalc-submit event is sent to the document when the user is attempting to submit the form.

$(document).on('pwdcalc-submit', handler(eventObject, origEventObject, field))

The pwdcalc-keyup-init event is sent to the document when the user releases a key on the keyboard and before a score and hint is shown or hidden.

$(document).on('pwdcalc-keyup-init', handler(eventObject, origEventObject, field))

The pwdcalc-keyup-complete event is sent to the document when the user releases a key on the keyboard and after a score and hint is shown or hidden.

$(document).on('pwdcalc-keyup-complete', handler(eventObject, origEventObject, field))

YAPSM (Yet Another Password Strength Meter)

The project page of this jQuery plugin can be found here on GitHub!

Bug Tracker

Have a bug? Please create an issue here on GitHub!

github.com/trimentor/pwdcalc/issues

Note on Patches/Pull Requests

  • Fork the project.

  • Make your feature addition or bug fix.

  • Add tests for it. This is important so I don't break it in a future version unintentionally.

  • Commit, do not mess with rakefile, version, or history.

  • Send me a pull request. Bonus points for topic branches.

Copyright

Copyright © 2012 Kjel Delaey, released under the MIT license.