NAME

Data::Password::zxcvbn::Match::Regex - match class for recognisable patterns in passwords

VERSION

version 1.1.2

DESCRIPTION

This class represents the guess that a certain substring of a password can be guessed by enumerating small languages described by regular expressions. By default, the only regex used is one that matches recent years (yes, this is very similar to what Date does).

ATTRIBUTES

regexes

Hashref, the regular expressions that were tried to get this match. The values are arrayrefs with 2 elements: the regex itself, and the estimated number of guesses per character; for example:

digits => [ qr[(\p{Nd}+)], 10 ],

regex_name

The name of the regex that matched the token.

METHODS

make

my @matches = @{ Data::Password::zxcvbn::Match::Regex->make(
  $password,
  { # this is the default
    regexes => \%Data::Password::zxcvbn::Match::Regex::regexes_limited,
  },
) };

Scans the $password for substrings that match regexes in regexes.

By default, the only regex that's used is one that matches recent years expressed as 4 digits. More patterns are available as \%Data::Password::zxcvbn::Match::Regex::regexes (which you can also get if you say regexes => 'all'), or you can pass in your own hashref.

estimate_guesses

For the recent_year regex, the number of guesses is the number of years between the value represented by the token and a reference year (currently 2017).

For all other regexes, the number of guesses is exponential on the length of the token, using as base the second element of the matching pattern (i.e. $self->regexes->{$self->regex_name}[1]).

feedback_warning

feedback_suggestions

This class suggests not using recent years. At the moment, there's no feedback for other regexes.

fields_for_json

The JSON serialisation for matches of this class will contain token i j guesses guesses_log10 regex_name.

AUTHOR

Gianni Ceccarelli <gianni.ceccarelli@broadbean.com>

COPYRIGHT AND LICENSE

This software is copyright (c) 2022 by BroadBean UK, a CareerBuilder Company.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.