diff --git a/server/index.php b/server/index.php index b527bed..b3799a6 100644 --- a/server/index.php +++ b/server/index.php @@ -61,6 +61,7 @@ else + gPass : global Password @@ -123,9 +124,11 @@ if ($user != "") echo 'URL '; echo 'login '; echo 'password '; - echo 'master key '; + echo 'master key '; echo ''; echo ""; + echo "
"; + echo '
Master key strength
0%
 
'; } ?> diff --git a/server/ressources/bg_strength_gradient.jpg b/server/ressources/bg_strength_gradient.jpg new file mode 100644 index 0000000..be77425 Binary files /dev/null and b/server/ressources/bg_strength_gradient.jpg differ diff --git a/server/ressources/gpass.css b/server/ressources/gpass.css index 709ab5e..1c68df1 100755 --- a/server/ressources/gpass.css +++ b/server/ressources/gpass.css @@ -76,4 +76,33 @@ body { color:red; font-weight:bold; font-size:xx-large; +} + +#scorebarBorder { + background: #333; + border: 1px #000 solid; + height: 16px; + margin-bottom: 2px; + margin-left:auto; + margin-right:auto; + width: 100px; +} + +#score { + color: rgb(0, 0, 0); + font-size: 85%; + position: absolute; + text-align: center; + width: 100px; + z-index: 10; + font-weight:bold; +} + +#scorebar { + background-image: url(/ressources/bg_strength_gradient.jpg); + background-repeat: no-repeat; + background-position: 0 0; + position:absolute; + width: 100px; + z-index: 0; } \ No newline at end of file diff --git a/server/ressources/pwdmeter.js b/server/ressources/pwdmeter.js new file mode 100644 index 0000000..fa7269e --- /dev/null +++ b/server/ressources/pwdmeter.js @@ -0,0 +1,341 @@ +/* +** Created by: Jeff Todnem (http://www.todnem.com/) +** Created on: 2007-08-14 +** Last modified: 2010-05-03 +** +** License Information: +** ------------------------------------------------------------------------- +** Copyright (C) 2007 Jeff Todnem +** +** This program is free software; you can redistribute it and/or modify it +** under the terms of the GNU General Public License as published by the +** Free Software Foundation; either version 2 of the License, or (at your +** option) any later version. +** +** This program is distributed in the hope that it will be useful, but +** WITHOUT ANY WARRANTY; without even the implied warranty of +** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +** General Public License for more details. +** +** You should have received a copy of the GNU General Public License along +** with this program; if not, write to the Free Software Foundation, Inc., +** 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +** +*/ + +function addLoadEvent(func) { + var oldonload = window.onload; + if (typeof window.onload != "function") { + window.onload = func; + } + else { + window.onload = function() { + if (oldonload) { + oldonload(); + } + func(); + }; + } +} + +function $() { + var arrElms = []; + for (var i=0; i < arguments.length; i++) { + var elm = arguments[i]; + if (typeof(elm == "string")) { elm = document.getElementById(elm); } + if (arguments.length == 1) { return elm; } + arrElms.push(elm); + } + return arrElms; +} + +String.prototype.strReverse = function() { + var newstring = ""; + for (var s=0; s < this.length; s++) { + newstring = this.charAt(s) + newstring; + } + return newstring; + //strOrig = ' texttotrim '; + //strReversed = strOrig.revstring(); +}; + +function chkPass(pwd) { + var oScorebar = $("scorebar"); + var oScore = $("score"); + var oComplexity = $("complexity"); + // Simultaneous variable declaration and value assignment aren't supported in IE apparently + // so I'm forced to assign the same value individually per var to support a crappy browser *sigh* + var nScore=0, nLength=0, nAlphaUC=0, nAlphaLC=0, nNumber=0, nSymbol=0, nMidChar=0, nRequirements=0, nAlphasOnly=0, nNumbersOnly=0, nUnqChar=0, nRepChar=0, nRepInc=0, nConsecAlphaUC=0, nConsecAlphaLC=0, nConsecNumber=0, nConsecSymbol=0, nConsecCharType=0, nSeqAlpha=0, nSeqNumber=0, nSeqSymbol=0, nSeqChar=0, nReqChar=0, nMultConsecCharType=0; + var nMultRepChar=1, nMultConsecSymbol=1; + var nMultMidChar=2, nMultRequirements=2, nMultConsecAlphaUC=2, nMultConsecAlphaLC=2, nMultConsecNumber=2; + var nReqCharType=3, nMultAlphaUC=3, nMultAlphaLC=3, nMultSeqAlpha=3, nMultSeqNumber=3, nMultSeqSymbol=3; + var nMultLength=4, nMultNumber=4; + var nMultSymbol=6; + var nTmpAlphaUC="", nTmpAlphaLC="", nTmpNumber="", nTmpSymbol=""; + var sAlphaUC="0", sAlphaLC="0", sNumber="0", sSymbol="0", sMidChar="0", sRequirements="0", sAlphasOnly="0", sNumbersOnly="0", sRepChar="0", sConsecAlphaUC="0", sConsecAlphaLC="0", sConsecNumber="0", sSeqAlpha="0", sSeqNumber="0", sSeqSymbol="0"; + var sAlphas = "abcdefghijklmnopqrstuvwxyz"; + var sNumerics = "01234567890"; + var sSymbols = ")!@#$%^&*()"; + var sComplexity = "Too Short"; + var sStandards = "Below"; + var nMinPwdLen = 8; + if (document.all) { var nd = 0; } else { var nd = 1; } + if (pwd) { + nScore = parseInt(pwd.length * nMultLength); + nLength = pwd.length; + var arrPwd = pwd.replace(/\s+/g,"").split(/\s*/); + var arrPwdLen = arrPwd.length; + + /* Loop through password to check for Symbol, Numeric, Lowercase and Uppercase pattern matches */ + for (var a=0; a < arrPwdLen; a++) { + if (arrPwd[a].match(/[A-Z]/g)) { + if (nTmpAlphaUC !== "") { if ((nTmpAlphaUC + 1) == a) { nConsecAlphaUC++; nConsecCharType++; } } + nTmpAlphaUC = a; + nAlphaUC++; + } + else if (arrPwd[a].match(/[a-z]/g)) { + if (nTmpAlphaLC !== "") { if ((nTmpAlphaLC + 1) == a) { nConsecAlphaLC++; nConsecCharType++; } } + nTmpAlphaLC = a; + nAlphaLC++; + } + else if (arrPwd[a].match(/[0-9]/g)) { + if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; } + if (nTmpNumber !== "") { if ((nTmpNumber + 1) == a) { nConsecNumber++; nConsecCharType++; } } + nTmpNumber = a; + nNumber++; + } + else if (arrPwd[a].match(/[^a-zA-Z0-9_]/g)) { + if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; } + if (nTmpSymbol !== "") { if ((nTmpSymbol + 1) == a) { nConsecSymbol++; nConsecCharType++; } } + nTmpSymbol = a; + nSymbol++; + } + /* Internal loop through password to check for repeat characters */ + var bCharExists = false; + for (var b=0; b < arrPwdLen; b++) { + if (arrPwd[a] == arrPwd[b] && a != b) { /* repeat character exists */ + bCharExists = true; + /* + Calculate icrement deduction based on proximity to identical characters + Deduction is incremented each time a new match is discovered + Deduction amount is based on total password length divided by the + difference of distance between currently selected match + */ + nRepInc += Math.abs(arrPwdLen/(b-a)); + } + } + if (bCharExists) { + nRepChar++; + nUnqChar = arrPwdLen-nRepChar; + nRepInc = (nUnqChar) ? Math.ceil(nRepInc/nUnqChar) : Math.ceil(nRepInc); + } + } + + /* Check for sequential alpha string patterns (forward and reverse) */ + for (var s=0; s < 23; s++) { + var sFwd = sAlphas.substring(s,parseInt(s+3)); + var sRev = sFwd.strReverse(); + if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqAlpha++; nSeqChar++;} + } + + /* Check for sequential numeric string patterns (forward and reverse) */ + for (var s=0; s < 8; s++) { + var sFwd = sNumerics.substring(s,parseInt(s+3)); + var sRev = sFwd.strReverse(); + if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqNumber++; nSeqChar++;} + } + + /* Check for sequential symbol string patterns (forward and reverse) */ + for (var s=0; s < 8; s++) { + var sFwd = sSymbols.substring(s,parseInt(s+3)); + var sRev = sFwd.strReverse(); + if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqSymbol++; nSeqChar++;} + } + + /* Modify overall score value based on usage vs requirements */ + + /* General point assignment */ + // $("nLengthBonus").innerHTML = "+ " + nScore; + if (nAlphaUC > 0 && nAlphaUC < nLength) { + nScore = parseInt(nScore + ((nLength - nAlphaUC) * 2)); + sAlphaUC = "+ " + parseInt((nLength - nAlphaUC) * 2); + } + if (nAlphaLC > 0 && nAlphaLC < nLength) { + nScore = parseInt(nScore + ((nLength - nAlphaLC) * 2)); + sAlphaLC = "+ " + parseInt((nLength - nAlphaLC) * 2); + } + if (nNumber > 0 && nNumber < nLength) { + nScore = parseInt(nScore + (nNumber * nMultNumber)); + sNumber = "+ " + parseInt(nNumber * nMultNumber); + } + if (nSymbol > 0) { + nScore = parseInt(nScore + (nSymbol * nMultSymbol)); + sSymbol = "+ " + parseInt(nSymbol * nMultSymbol); + } + if (nMidChar > 0) { + nScore = parseInt(nScore + (nMidChar * nMultMidChar)); + sMidChar = "+ " + parseInt(nMidChar * nMultMidChar); + } + // $("nAlphaUCBonus").innerHTML = sAlphaUC; + // $("nAlphaLCBonus").innerHTML = sAlphaLC; + // $("nNumberBonus").innerHTML = sNumber; + // $("nSymbolBonus").innerHTML = sSymbol; + // $("nMidCharBonus").innerHTML = sMidChar; + + /* Point deductions for poor practices */ + if ((nAlphaLC > 0 || nAlphaUC > 0) && nSymbol === 0 && nNumber === 0) { // Only Letters + nScore = parseInt(nScore - nLength); + nAlphasOnly = nLength; + sAlphasOnly = "- " + nLength; + } + if (nAlphaLC === 0 && nAlphaUC === 0 && nSymbol === 0 && nNumber > 0) { // Only Numbers + nScore = parseInt(nScore - nLength); + nNumbersOnly = nLength; + sNumbersOnly = "- " + nLength; + } + if (nRepChar > 0) { // Same character exists more than once + nScore = parseInt(nScore - nRepInc); + sRepChar = "- " + nRepInc; + } + if (nConsecAlphaUC > 0) { // Consecutive Uppercase Letters exist + nScore = parseInt(nScore - (nConsecAlphaUC * nMultConsecAlphaUC)); + sConsecAlphaUC = "- " + parseInt(nConsecAlphaUC * nMultConsecAlphaUC); + } + if (nConsecAlphaLC > 0) { // Consecutive Lowercase Letters exist + nScore = parseInt(nScore - (nConsecAlphaLC * nMultConsecAlphaLC)); + sConsecAlphaLC = "- " + parseInt(nConsecAlphaLC * nMultConsecAlphaLC); + } + if (nConsecNumber > 0) { // Consecutive Numbers exist + nScore = parseInt(nScore - (nConsecNumber * nMultConsecNumber)); + sConsecNumber = "- " + parseInt(nConsecNumber * nMultConsecNumber); + } + if (nSeqAlpha > 0) { // Sequential alpha strings exist (3 characters or more) + nScore = parseInt(nScore - (nSeqAlpha * nMultSeqAlpha)); + sSeqAlpha = "- " + parseInt(nSeqAlpha * nMultSeqAlpha); + } + if (nSeqNumber > 0) { // Sequential numeric strings exist (3 characters or more) + nScore = parseInt(nScore - (nSeqNumber * nMultSeqNumber)); + sSeqNumber = "- " + parseInt(nSeqNumber * nMultSeqNumber); + } + if (nSeqSymbol > 0) { // Sequential symbol strings exist (3 characters or more) + nScore = parseInt(nScore - (nSeqSymbol * nMultSeqSymbol)); + sSeqSymbol = "- " + parseInt(nSeqSymbol * nMultSeqSymbol); + } + // $("nAlphasOnlyBonus").innerHTML = sAlphasOnly; + // $("nNumbersOnlyBonus").innerHTML = sNumbersOnly; + // $("nRepCharBonus").innerHTML = sRepChar; + // $("nConsecAlphaUCBonus").innerHTML = sConsecAlphaUC; + // $("nConsecAlphaLCBonus").innerHTML = sConsecAlphaLC; + // $("nConsecNumberBonus").innerHTML = sConsecNumber; + // $("nSeqAlphaBonus").innerHTML = sSeqAlpha; + // $("nSeqNumberBonus").innerHTML = sSeqNumber; + // $("nSeqSymbolBonus").innerHTML = sSeqSymbol; + + /* Determine if mandatory requirements have been met and set image indicators accordingly */ + var arrChars = [nLength,nAlphaUC,nAlphaLC,nNumber,nSymbol]; + var arrCharsIds = ["nLength","nAlphaUC","nAlphaLC","nNumber","nSymbol"]; + var arrCharsLen = arrChars.length; + // for (var c=0; c < arrCharsLen; c++) { + // var oImg = $('div_' + arrCharsIds[c]); + // var oBonus = $(arrCharsIds[c] + 'Bonus'); + // $(arrCharsIds[c]).innerHTML = arrChars[c]; + // if (arrCharsIds[c] == "nLength") { var minVal = parseInt(nMinPwdLen - 1); } else { var minVal = 0; } + // if (arrChars[c] == parseInt(minVal + 1)) { nReqChar++; oImg.className = "pass"; oBonus.parentNode.className = "pass"; } + // else if (arrChars[c] > parseInt(minVal + 1)) { nReqChar++; oImg.className = "exceed"; oBonus.parentNode.className = "exceed"; } + // else { oImg.className = "fail"; oBonus.parentNode.className = "fail"; } + // } + nRequirements = nReqChar; + if (pwd.length >= nMinPwdLen) { var nMinReqChars = 3; } else { var nMinReqChars = 4; } + if (nRequirements > nMinReqChars) { // One or more required characters exist + nScore = parseInt(nScore + (nRequirements * 2)); + sRequirements = "+ " + parseInt(nRequirements * 2); + } + // $("nRequirementsBonus").innerHTML = sRequirements; + + /* Determine if additional bonuses need to be applied and set image indicators accordingly */ + var arrChars = [nMidChar,nRequirements]; + var arrCharsIds = ["nMidChar","nRequirements"]; + var arrCharsLen = arrChars.length; + // for (var c=0; c < arrCharsLen; c++) { + // var oImg = $('div_' + arrCharsIds[c]); + // var oBonus = $(arrCharsIds[c] + 'Bonus'); + // $(arrCharsIds[c]).innerHTML = arrChars[c]; + // if (arrCharsIds[c] == "nRequirements") { var minVal = nMinReqChars; } else { var minVal = 0; } + // if (arrChars[c] == parseInt(minVal + 1)) { oImg.className = "pass"; oBonus.parentNode.className = "pass"; } + // else if (arrChars[c] > parseInt(minVal + 1)) { oImg.className = "exceed"; oBonus.parentNode.className = "exceed"; } + // else { oImg.className = "fail"; oBonus.parentNode.className = "fail"; } + // } + + /* Determine if suggested requirements have been met and set image indicators accordingly */ + var arrChars = [nAlphasOnly,nNumbersOnly,nRepChar,nConsecAlphaUC,nConsecAlphaLC,nConsecNumber,nSeqAlpha,nSeqNumber,nSeqSymbol]; + var arrCharsIds = ["nAlphasOnly","nNumbersOnly","nRepChar","nConsecAlphaUC","nConsecAlphaLC","nConsecNumber","nSeqAlpha","nSeqNumber","nSeqSymbol"]; + var arrCharsLen = arrChars.length; + // for (var c=0; c < arrCharsLen; c++) { + // var oImg = $('div_' + arrCharsIds[c]); + // var oBonus = $(arrCharsIds[c] + 'Bonus'); + // $(arrCharsIds[c]).innerHTML = arrChars[c]; + // if (arrChars[c] > 0) { oImg.className = "warn"; oBonus.parentNode.className = "warn"; } + // else { oImg.className = "pass"; oBonus.parentNode.className = "pass"; } + // } + + /* Determine complexity based on overall score */ + if (nScore > 100) { nScore = 100; } else if (nScore < 0) { nScore = 0; } + if (nScore >= 0 && nScore < 20) { sComplexity = "Very Weak"; } + else if (nScore >= 20 && nScore < 40) { sComplexity = "Weak"; } + else if (nScore >= 40 && nScore < 60) { sComplexity = "Good"; } + else if (nScore >= 60 && nScore < 80) { sComplexity = "Strong"; } + else if (nScore >= 80 && nScore <= 100) { sComplexity = "Very Strong"; } + + /* Display updated score criteria to client */ + oScorebar.style.backgroundPosition = "-" + parseInt(nScore * 4) + "px 0px"; + oScore.innerHTML = nScore + "%"; + // oComplexity.innerHTML = sComplexity; + } + else { + /* Display default score criteria to client */ + initPwdChk(); + oScore.innerHTML = nScore + "%"; + // oComplexity.innerHTML = sComplexity; + } +} + +function togPwdMask() { + var oPwd = $("passwordPwd"); + var oTxt = $("passwordTxt"); + var oMask = $("mask"); + if (oMask.checked) { + oPwd.value = oTxt.value; + oPwd.className = ""; + oTxt.className = "hide"; + } + else { + oTxt.value = oPwd.value; + oPwd.className = "hide"; + oTxt.className = ""; + } +} + +function initPwdChk(restart) { + /* Reset all form values to their default */ + var arrZeros = ["nLength","nAlphaUC","nAlphaLC","nNumber","nSymbol","nMidChar","nRequirements","nAlphasOnly","nNumbersOnly","nRepChar","nConsecAlphaUC","nConsecAlphaLC","nConsecNumber","nSeqAlpha","nSeqNumber","nSeqSymbol","nLengthBonus","nAlphaUCBonus","nAlphaLCBonus","nNumberBonus","nSymbolBonus","nMidCharBonus","nRequirementsBonus","nAlphasOnlyBonus","nNumbersOnlyBonus","nRepCharBonus","nConsecAlphaUCBonus","nConsecAlphaLCBonus","nConsecNumberBonus","nSeqAlphaBonus","nSeqNumberBonus","nSeqSymbolBonus"]; + var arrPassPars = ["nAlphasOnlyBonus","nNumbersOnlyBonus","nRepCharBonus","nConsecAlphaUCBonus","nConsecAlphaLCBonus","nConsecNumberBonus","nSeqAlphaBonus","nSeqNumberBonus","nSeqSymbolBonus"]; + var arrPassDivs = ["div_nAlphasOnly","div_nNumbersOnly","div_nRepChar","div_nConsecAlphaUC","div_nConsecAlphaLC","div_nConsecNumber","div_nSeqAlpha","div_nSeqNumber","div_nSeqSymbol"]; + var arrFailPars = ["nLengthBonus","nAlphaUCBonus","nAlphaLCBonus","nNumberBonus","nSymbolBonus","nMidCharBonus","nRequirementsBonus"]; + var arrFailDivs = ["div_nLength","div_nAlphaUC","div_nAlphaLC","div_nNumber","div_nSymbol","div_nMidChar","div_nRequirements"]; + // for (var i in arrZeros) { $(arrZeros[i]).innerHTML = "0"; } + // for (var i in arrPassPars) { $(arrPassPars[i]).parentNode.className = "pass"; } + // for (var i in arrPassDivs) { $(arrPassDivs[i]).className = "pass"; } + // for (var i in arrFailPars) { $(arrFailPars[i]).parentNode.className = "fail"; } + // for (var i in arrFailDivs) { $(arrFailDivs[i]).className = "fail"; } + // $("passwordPwd").value = ""; + // $("passwordTxt").value = ""; + $("scorebar").style.backgroundPosition = "0 0"; + if (restart) { + $("passwordPwd").className = ""; + $("passwordTxt").className = "hide"; + $("mask").checked = true; + } +} + +addLoadEvent(function() { initPwdChk(1); }); +