Voici un code pour verifier la fiabilité d'un mot de pass

Thyphoon · Message par **Thyphoon** » lun. 04/août/2008 15:55

coucou les enfants !

je partage un petit code que j'utilise dans une de mes applications
il permet de passer un StringGadget pour un mot de passe (en mode mot de passe a mode text ) et il y a une indication sur la qualité du mot de passe.

ça peut surement être améliorer si vous avez des suggestions, des commentaires n'hésitez pas.
Edit:2008/08/04 18h30

-Correct Too Short info
-Add switch text in toogle button "abc" to "***" and reverse
-the password is tested only when eventype()=#PB_EventType_Change

Code : Tout sélectionner

#W_PassWord = 0

;Gadget
Enumeration
	#G_Password_Pass
    #G_Password_Toggle
    #G_Password_Check
    #G_Password_Pass_Txt
    #G_Password_Ok
    #G_Password_Cancel
EndEnumeration

Global Key.s

;********************
;Function
;********************

Procedure Match(exp.s, txt.s)
	If CreateRegularExpression(0, exp) And MatchRegularExpression(0, txt)
		ProcedureReturn #True
	Else
		ProcedureReturn #False
	EndIf
EndProcedure

Procedure.s DelRepetition(pLen.l, str.s)
	res.s = ""
	For i = 1 To Len(str)
		repeated = #False
		
		For j = 1 To pLen
			If Mid(Str, i, j) = Mid(Str, i + j, j)
				repeated = #True : 
				i = i + j-1
			EndIf
		Next
		If repeated = #False
			res + Mid(str, i, 1)
		EndIf
		
	Next i
	ProcedureReturn res
EndProcedure

Procedure.l passwordStrength(password.s)
	;Source:http://phiras.wordpress.com/2007/04/08/password-strength-meter-a-jquery-plugin/
	score.l = 0
	
	;password < 4
	If (Len(password)<5)
		score-50
	EndIf
	
	;//password == username
	;If (password.toLowerCase()==username.toLowerCase()) Return badPass
	
	;//password length
	score + Len(password)*4
	score + (Len(DelRepetition(1, password))-Len(password) )*1
	score + (Len(DelRepetition(2, password))-Len(password) )*1
	score + (Len(DelRepetition(3, password))-Len(password) )*1
	score + (Len(DelRepetition(4, password))-Len(password) )*1
	score + (Len(DelRepetition(5, password))-Len(password) )*1
	
	;//password has 3 numbers
	If Match("(.*[0-9].*[0-9].*[0-9])", password) : score + 5 : EndIf
	
	;//password has 2 sybols
	If Match("(.*[!,@,#,$,%,^,&,*,?,_,~].*[!,@,#,$,%,^,&,*,?,_,~])", password) : score + 5 : EndIf
	
	;//password has Upper And Lower chars
	If Match("([a-z].*[A-Z])|([A-Z].*[a-z])", password) : score + 10 : EndIf
	
	;//password has number And chars
	If Match("([a-zA-Z])", password) And Match("([0-9])", password) : score + 15 : EndIf
	
	;//password has number And symbol
	If Match("([!,@,#,$,%,^,&,*,?,_,~])", password) And Match("([0-9])", password) : score + 15 : EndIf
	
	;//password has char And symbol
	If Match("([!,@,#,$,%,^,&,*,?,_,~])", password) And Match("([a-zA-Z])", password) : score + 15 : EndIf
	
	;//password is just a nubers Or chars
	If match("^\w+$", password) Or match("^\d+$", password) : score-10 : EndIf
	
	;//verifing 0 < score < 100
	;if (score<0) : Debug "very Bad" : EndIf
	;If (score>100) : Debug "Perfect" : EndIf
	;If (score = 0 And score<34) : Debug " bad" : EndIf
	;If (score = 34 And score<68) : Debug " good" : EndIf
	;If (score = 68 And score<100) : Debug " strong" : EndIf
	ProcedureReturn score
EndProcedure

Procedure TestPassword(Gdt.l, Pass.s)
	Protected Score.l
	If IsGadget(Gdt)
		Score.l = passwordStrength(Pass)
		If (Score<-40) : SetGadgetText(Gdt, "Too short (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, #Red) : EndIf
		If (Score> = -40 And Score<0) : SetGadgetText(Gdt, "very Bad (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, #Red) : EndIf
		If (Score> = 0 And score<34) : SetGadgetText(Gdt, " bad (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, $0033FF) : EndIf
		If (Score> = 34 And score<68) : SetGadgetText(Gdt, " good (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, $006600) : EndIf
		If (Score> = 68 And score<100) : SetGadgetText(Gdt, " strong (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, $66FF66) : EndIf
		If (Score>100) : SetGadgetText(Gdt, "Perfect (" + Str(Score) + ")") : SetGadgetColor(Gdt, #PB_Gadget_BackColor, #Green) : EndIf
	EndIf
EndProcedure


;Gdt=Gadget who display password / GdtToggle= gadget who sitch password display / GdtCont= If Gdt is in a container gadget
Procedure TogglePassword(Gdt.l, GdtToggle.l, GdtCont.l = -1)
	Protected tmppass.s, tmpx.l, tmpy.l, tmpw.l, tmph.l
	tmppass.s = GetGadgetText(Gdt)
	tmpx = GadgetX(Gdt)
	tmpy = GadgetY(Gdt)
	tmpw = GadgetWidth(Gdt)
	tmph = GadgetHeight(Gdt)
	FreeGadget(Gdt)
	If GdtCont>-1
		OpenGadgetList(GdtCont)
	EndIf
	If GetGadgetState(GdtToggle) = 0
		StringGadget(Gdt, tmpx, tmpy, tmpw, tmph, "", #PB_String_Password)
		SetGadgetText(GdtToggle, "abc")
	Else
		StringGadget(Gdt, tmpx, tmpy, tmpw, tmph, "")
		SetGadgetText(GdtToggle, "***")
	EndIf
	If GdtCont>-1
		CloseGadgetList()
	EndIf
	SetGadgetText(Gdt, tmppass)
EndProcedure

;********************
;Windows
;********************
Procedure OpenWindowPassword()
	OpenWindow(#W_PassWord, 0, 0, 400, 250, "Password", #PB_Window_ScreenCentered | #PB_Window_SystemMenu)
	CreateGadgetList(WindowID(#W_PassWord))
	
	TextGadget(#G_Password_Pass_Txt, 10, 55, WindowWidth(#W_PassWord)-20, 20, "Your Master Password")
	StringGadget(#G_Password_Pass, 10, 80, WindowWidth(#W_PassWord)-60, 20, "", #PB_String_Password)
	TextGadget(#G_Password_Check, 10, 110, WindowWidth(#W_PassWord)-60, 20, "", #PB_Text_Center | #PB_Text_Border)
	;SetGadgetAttribute(#G_Password_Pass, #PB_String_Password , 0) //ça n'existe pas pour l'instant dommage
	ButtonGadget(#G_Password_Toggle, WindowWidth(#W_PassWord)-40, 80, 40, 20, "abc", #PB_Button_Toggle)
	ButtonGadget(#G_Password_Ok, 10, WindowHeight(#W_PassWord)-30, 60, 20, "Ok")
	ButtonGadget(#G_Password_Cancel, WindowWidth(#W_PassWord)-70, WindowHeight(#W_PassWord)-30, 60, 20, "Cancel")
	
EndProcedure

Procedure CloseWindowPassword(W_Parent)
	DisableWindow(W_Parent, 0)
EndProcedure

Procedure WindowPasswordLoop()
	Protected EventID.l, Quit.b, ret.l
	OpenWindowPassword()
	Repeat
		EventID = WaitWindowEvent()
		Select(EventID)
			Case #PB_Event_Repaint
				;DrawWindowHead(#W_Icon)
			Case #PB_Event_Menu
			Case #PB_Event_Gadget
				
				Select EventGadget()
					Case #G_Password_Toggle
						TogglePassword(#G_Password_Pass, #G_Password_Toggle)
					Case #G_Password_Pass
						If EventType() = #PB_EventType_Change
							TestPassword(#G_Password_Check, GetGadgetText(#G_Password_Pass))
						EndIf
					Case #G_Password_Ok
						Quit = 1 : ret.l = #True
					Case #G_Password_Cancel
						Quit = 1 : ret.l = #False
				EndSelect
			Case #PB_Event_CloseWindow  ; If the user has pressed on the close button
				Quit = 1 : ret.l = #False
		EndSelect
	Until Quit = 1
	
	
	If ret = #True
		Key = GetGadgetText(#G_Password_Pass)
	EndIf
	CloseWindow(#W_PassWord)
	ProcedureReturn ret
EndProcedure

Kwai chang caine · Message par **Kwai chang caine** » mar. 05/août/2008 7:31

Bonne idée, j'avais pas vu ce genre de code auparavant.

Le meme style que les sites qui nous casse les bu....en disant votre mot de passe est trop faible, et gnagnagna veuillez en choisir un autre ....
Le probleme c'est que quand t'as choisi le nom de ta femme, tu va quand meme pas divorcer pour plaire à mr le code

Merci je le met de coté, et un jour moi aussi, je pourrais demander à quelqu'un de divorcer grace a toi

Thyphoon · Message par **Thyphoon** » mar. 05/août/2008 19:37

lollllllll

Moi c'est surtout indicatif...mais l'analyse du mot de passe demande a être améliorer... peut être dans une prochaine version..

)