NAME
Data::Password::zxcvbn::Match::UserInput - match class for words that match other user-supplied information
VERSION
version 1.0.6
DESCRIPTION
This class represents the guess that a certain substring of a password can be guessed by using other pieces of information related to the user: their account name, real name, location, &c.
This is a subclass of Data::Password::zxcvbn::Match::Dictionary
.
METHODS
make
my @matches = @{ Data::Password::zxcvbn::Match::UserInput->make(
$password,
{
user_input => \%user_input,
# this is the default
l33t_table => \%Data::Password::zxcvbn::Match::Dictionary::l33t_table,
},
) };
The %user_input
hash should be a simple hash mapping field names to strings. It will be converted into a set of dictionaries, one per key, containing words extracted from the strings. For example
{ name => 'Some One', address => '123 Place Street' }
will become:
{ name => { Some => 1, One => 1 },
address => { 123 => 1, Place => 1, Street => 1 } }
All words get rank 1 because they're obvious guesses from a cracker's point of view.
The rest of the logic is the same as for Dictionary
.
feedback_warning
The warnings for this class are very similar to those for Dictionary
, but they explicitly mention the field name. Warnings look like:
['The value of the [_1] field is easy to guess','address']
so your localisation library can translate the warning and the field name separately.
AUTHOR
Gianni Ceccarelli <gianni.ceccarelli@broadbean.com>
COPYRIGHT AND LICENSE
This software is copyright (c) 2022 by BroadBean UK, a CareerBuilder Company.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.