2 window.wp = window.wp || {};
6 wp.passwordStrength = {
8 * Determine the strength of a given password
10 * @param string password1 The password
11 * @param array blacklist An array of words that will lower the entropy of the password
12 * @param string password2 The confirmed password
14 meter : function( password1, blacklist, password2 ) {
15 if ( ! $.isArray( blacklist ) )
16 blacklist = [ blacklist.toString() ];
18 if (password1 != password2 && password2 && password2.length > 0)
21 var result = zxcvbn( password1, blacklist );
26 * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used
28 * @return array The array of data to be blacklisted
30 userInputBlacklist : function() {
31 var i, userInputFieldsLength, rawValuesLength, currentField,
34 userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
36 // Collect all the strings we want to blacklist
37 rawValues.push( document.title );
38 rawValues.push( document.URL );
40 userInputFieldsLength = userInputFields.length;
41 for ( i = 0; i < userInputFieldsLength; i++ ) {
42 currentField = $( '#' + userInputFields[ i ] );
44 if ( 0 === currentField.length ) {
48 rawValues.push( currentField[0].defaultValue );
49 rawValues.push( currentField.val() );
52 // Strip out non-alphanumeric characters and convert each word to an individual entry
53 rawValuesLength = rawValues.length;
54 for ( i = 0; i < rawValuesLength; i++ ) {
55 if ( rawValues[ i ] ) {
56 blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
60 // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives.
61 blacklist = $.grep( blacklist, function( value, key ) {
62 if ( '' === value || 4 > value.length ) {
66 return $.inArray( value, blacklist ) === key;
73 // Backwards compatibility.
74 passwordStrength = wp.passwordStrength.meter;