密码强度

时间:2011-05-16 07:32:26

标签: passwords bit

嘿那里, 我想知道如何最好地衡量密码强度。我发现了两个不同的页面: http://rumkin.com/tools/password/passchk.phphttp://www.passwordmeter.com/

他们给出了不同密码的完全不同的结果。不知何故,以位为单位进行测量显然是显而易见的,但很难说出要考虑多少个不同的字符,例如:

假设我的密码是a * *,使用暴力的人必须使用特殊字符,上下字母,因此~60个不同的字符,即60 ^ 3组合。 谢谢到目前为止!

2 个答案:

答案 0 :(得分:2)

根据建议密码的某些特征评分:

  • 密码中每个字符的1分
  • 如果同时使用数字和字符,则为2分;如果包含非数字或字符符号,则为3分。
  • 如果它包含大写和小写字母,则为2分。
  • -2可以在字典中找到的单词(虽然可能更难检查)。
    • 如果一个数字可以代表一年,则
  • -2分。

从那里,拿一些好的和坏的密码的例子,并了解一个好的分数。

答案 1 :(得分:1)

这是我正在使用的方案,似乎效果很好。

Public Enum PasswordComplexityScore
    BadPassword
    MediumStrengthPassword
    GoodPassword
End Enum

Public Function CalculatePasswordComplexity() As PasswordComplexityScore

    Dim Score As Integer

    'If the password matches the username then BadPassword 
    If Password = UserName Then
        Return PasswordComplexityScore.BadPassword
    End If
    'If the password is less than 5 characters then TooShortPassword 
    If Password.Length < 5 Then
        Return PasswordComplexityScore.BadPassword
    End If

    Score = Password.Length * 4

    Score = Score + (CheckRepeatedPatterns(1).Length - Password.Length)
    Score = Score + (CheckRepeatedPatterns(2).Length - Password.Length)
    Score = Score + (CheckRepeatedPatterns(3).Length - Password.Length)
    Score = Score + (CheckRepeatedPatterns(4).Length - Password.Length)


    'If the password has 3 numbers then score += 5
    If CountNumbers() >= 3 Then
        Score = Score + 5
    End If

    'If the password has 2 special characters then score += 5
    If CountSymbols() >= 2 Then
        Score = Score + 5
    End If

    'If the password has upper and lower character then score += 10 
    If HasUpperAndLowerCharacters() Then
        Score = Score + 10
    End If

    'If the password has numbers and characters then score += 15 
    If HasNumbersAndCharacters() Then
        Score = Score + 10
    End If

    'If the password has numbers and special characters then score += 15 
    If CountNumbers() > 0 And CountSymbols() > 0 Then
        Score = Score + 15
    End If

    'If the password has special characters and characters then score += 15 
    If CountLetters() > 0 And CountSymbols() > 0 Then
        Score = Score + 15
    End If

    'If the password is only characters then score -= 10 
    If CountLetters() > 0 And CountNumbers() = 0 And CountSymbols() = 0 Then
        Score = Score - 15
    End If


    'If the password is only numbers then score -= 10 
    If CountLetters() = 0 And CountNumbers() > 0 And CountSymbols() = 0 Then
        Score = Score - 15
    End If

    If Score > 100 Then
        Score = 100
    End If

    If Score < 34 Then
        Return PasswordComplexityScore.BadPassword
    End If

    If Score < 68 Then
        Return PasswordComplexityScore.MediumStrengthPassword
    End If

    Return PasswordComplexityScore.GoodPassword

End Function

我现在已经在生产中使用它大约8年了。我想我把它从别人的java脚本转换成vb6然后转换成vb.net。

如果您愿意,我可以发布所有支持功能。

干杯

相关问题
最新问题