-// Password strength meter
-function passwordStrength(password1, username, password2) {
- var shortPass = 1, badPass = 2, goodPass = 3, strongPass = 4, mismatch = 5, symbolSize = 0, natLog, score;
-
- // password 1 != password 2
- if ( (password1 != password2) && password2.length > 0)
- return mismatch
-
- //password < 4
- if ( password1.length < 4 )
- return shortPass
-
- //password1 == username
- if ( password1.toLowerCase() == username.toLowerCase() )
- return badPass;
-
- if ( password1.match(/[0-9]/) )
- symbolSize +=10;
- if ( password1.match(/[a-z]/) )
- symbolSize +=26;
- if ( password1.match(/[A-Z]/) )
- symbolSize +=26;
- if ( password1.match(/[^a-zA-Z0-9]/) )
- symbolSize +=31;
-
- natLog = Math.log( Math.pow(symbolSize, password1.length) );
- score = natLog / Math.LN2;
-
- if (score < 40 )
- return badPass
-
- if (score < 56 )
- return goodPass
-
- return strongPass;
-}
+window.wp = window.wp || {};
+
+var passwordStrength;
+(function($){
+ wp.passwordStrength = {
+ /**
+ * Determine the strength of a given password
+ *
+ * @param string password1 The password
+ * @param array blacklist An array of words that will lower the entropy of the password
+ * @param string password2 The confirmed password
+ */
+ meter : function( password1, blacklist, password2 ) {
+ if ( ! $.isArray( blacklist ) )
+ blacklist = [ blacklist.toString() ];
+
+ if (password1 != password2 && password2 && password2.length > 0)
+ return 5;
+
+ var result = zxcvbn( password1, blacklist );
+ return result.score;
+ },
+
+ /**
+ * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used
+ *
+ * @return array The array of data to be blacklisted
+ */
+ userInputBlacklist : function() {
+ var i, userInputFieldsLength, rawValuesLength, currentField,
+ rawValues = [],
+ blacklist = [],
+ userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
+
+ // Collect all the strings we want to blacklist
+ rawValues.push( document.title );
+ rawValues.push( document.URL );
+
+ userInputFieldsLength = userInputFields.length;
+ for ( i = 0; i < userInputFieldsLength; i++ ) {
+ currentField = $( '#' + userInputFields[ i ] );
+
+ if ( 0 == currentField.length ) {
+ continue;
+ }
+
+ rawValues.push( currentField[0].defaultValue );
+ rawValues.push( currentField.val() );
+ }
+
+ // Strip out non-alphanumeric characters and convert each word to an individual entry
+ rawValuesLength = rawValues.length;
+ for ( i = 0; i < rawValuesLength; i++ ) {
+ if ( rawValues[ i ] ) {
+ blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
+ }
+ }
+
+ // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives.
+ blacklist = $.grep( blacklist, function( value, key ) {
+ if ( '' == value || 4 > value.length ) {
+ return false;
+ }
+
+ return $.inArray( value, blacklist ) === key;
+ });
+
+ return blacklist;
+ }
+ }
+
+ // Backwards compatibility.
+ passwordStrength = wp.passwordStrength.meter;
+})(jQuery);
\ No newline at end of file
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff