From 7e19bf6e2ec2101b590405e6860007309661872b Mon Sep 17 00:00:00 2001 From: komeil Parseh Date: Mon, 28 Feb 2022 18:03:09 +0330 Subject: Add password strength check (#983) * Add password strength check * Delete time.sleep and log, use the select class instead * Ignore W503 in flake8 * Solve some problems of the password strength check algorithm Part of the code was written by @phisch. This code tries to measure the strength of the user's password and suggests that the password is weak. * rename function * Restore the flake8 configuration file to its previous state --- .flake8 | 2 +- archinstall/lib/user_interaction.py | 32 +++++++++++++++++++++++++++++--- 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/.flake8 b/.flake8 index c3377d24..d9fb938e 100644 --- a/.flake8 +++ b/.flake8 @@ -7,4 +7,4 @@ max-line-length = 236 show-source = True statistics = True per-file-ignores = __init__.py:F401,F403,F405 simple_menu.py:C901,W503 guided.py:C901 -builtins = _ +builtins = _ \ No newline at end of file diff --git a/archinstall/lib/user_interaction.py b/archinstall/lib/user_interaction.py index ddd388dc..aaf57143 100644 --- a/archinstall/lib/user_interaction.py +++ b/archinstall/lib/user_interaction.py @@ -99,20 +99,46 @@ def do_countdown() -> bool: return True +def check_password_strong(passwd :str) -> bool: + + symbol_count = 0 + if any(character.isdigit() for character in passwd): + symbol_count += 10 + if any(character.isupper() for character in passwd): + symbol_count += 26 + if any(character.islower() for character in passwd): + symbol_count += 26 + if any(not character.isalnum() for character in passwd): + symbol_count += 40 + + if symbol_count ** len(passwd) < 10e20: + + prompt = _("The password you are using seems to be weak,") + prompt += _("are you sure you want to use it?") + + choice = Menu(prompt, ["yes", "no"], default_option="yes").run() + return choice == "yes" + + return True + def get_password(prompt :str = '') -> Optional[str]: if not prompt: prompt = _("Enter a password: ") while passwd := getpass.getpass(prompt): + + if len(passwd.strip()) <= 0: + break + + if not check_password_strong(passwd): + continue + passwd_verification = getpass.getpass(prompt=_('And one more time for verification: ')) if passwd != passwd_verification: log(' * Passwords did not match * ', fg='red') continue - if len(passwd.strip()) <= 0: - break - return passwd return None -- cgit v1.2.3-70-g09d2