NAME

Data::Password::BasicCheck - Basic password checking

SYNOPSIS

use Data::Password::BasicCheck;

# Create a password checker object. We require that passwords
# are at least 6 characters long, and no more than 8. We also
# require that there are at least L/2 different symbols in the
# password, where L is the password length. So, for a 6-character
# password we require at least 3 different symbols, for an
# 8-character password we require at least 4 different
# symbols, and for a 7-character password we again require
# 4 symbols, since 7 * .5 = 3.5, which rounds to 4.

my $pwcheck = Data::Password::BasicCheck->new(6, # minimal length
                                              8, # maximum length
                                              .5) ; # symbol factor

my $ok = $pwcheck->OK ;
my $check = $pwcheck->check('bronto','My!Pass1',
                            'Marco', 'Marongiu',
                            'Los Angeles') ;

unless ($check eq $ok) { die "Please choose a better password" }
print "Greetings! Your password was good :-)\n\n" ;

ABSTRACT

This class is used to build basic password checkers. They don't match passwords against dictionaries, nor do they perform complex processing. They just check that minimal security conditions are met.

DESCRIPTION

Data::Password::BasicCheck objects perform these kinds of checks on the given passwords:

  • password length is in a defined range that is established at object creation;

  • there are at least pL different symbols in the password, where L is the password length and p is a factor such that 0 < p <= 1. If p is not specified at object creation, it defaults to 2/3 (that is: 0.66666...);

  • password contains alphabetic characters, digits and non-alphanumeric characters;

  • rotations of the password don't match it (e.g.: the password a1&a1& matches itself after three rotations)

  • after cleaning away digits and symbols, the password, its reverse and all possible rotations don't match any personal information given (name, surname, city, username)

METHODS

new

creates a password checker object. Takes two mandatory arguments and an optional third argument. These are: minimal and maximal password length and a symbol factor, which defaults to 2/3 (0.6666....). A symbol factor is a number p such that 0 < p <= 1. Given p, a password of length L must contain at least round(p*L) different symbols. For example, a 6-character long password must contain at least 4 different symbols by default.

minlen

returns the minimal password length as defined upon object creation.

maxlen

returns the maximal password length as defined upon object creation.

psym

returns the symbol factor as defined upon object creation, or the default one otherwise.

check

takes five arguments: a username, a password, first name, last name and city. It first checks that the password in itself is good; if it isn't, it checks whether there is at least one segment of minimal length that could be considered secure (the reason for this check will be explained in the next revision of this document). It returns an integer value, starting from 0, whose meaning is:

0

password ok

1

password too short

2

password too long

3

password must contain alphabetic characters, digits and non-alphanumeric symbols;

4

not enough different symbols in password

5

password matches itself after some rotations

6

password matches personal information

127

password too weak: security checks have failed on the password and on all minimal length segments of it
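The checks listed under DESCRIPTION, sketched as a stand-alone function that returns the codes above. This is an added illustration, not the module's own code: the name basic_check, its argument order, the order of the checks and the substring rule used for code 6 are assumptions, and the segment fallback behind code 127 is not reproduced.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Illustrative re-implementation of the documented checks (hypothetical
# helper, not part of Data::Password::BasicCheck).
sub basic_check {
    my ($min, $max, $p, $pw, @personal) = @_;
    my $len = length $pw;
    return 1 if $len < $min;
    return 2 if $len > $max;

    # 3: need a letter, a digit and a non-alphanumeric character
    return 3 unless $pw =~ /[A-Za-z]/ && $pw =~ /[0-9]/ && $pw =~ /[^A-Za-z0-9]/;

    # 4: at least round(p*L) different symbols (halves round up: 3.5 -> 4)
    my %seen = map { $_ => 1 } split //, $pw;
    return 4 if keys(%seen) < int($p * $len + 0.5);

    # 5: a proper rotation equals the password exactly when the password
    # occurs in its own doubling at an offset between 1 and L-1
    return 5 if index($pw x 2, $pw, 1) < $len;

    # 6: strip digits and symbols, then test the result and its reverse.
    # Searching the doubled string covers every rotation at once.
    # Assumption: a match is a case-insensitive substring hit of an item
    # of at least 3 letters.
    (my $clean = lc $pw) =~ s/[^a-z]//g;
    my $rev = reverse $clean;
    for my $item (@personal) {
        (my $w = lc $item) =~ s/[^a-z]//g;
        next if length($w) < 3 || length($w) > length($clean);
        return 6 if grep { index($_ x 2, $w) >= 0 } $clean, $rev;
    }
    return 0;
}

# Constructed sample passwords; personal data taken from the SYNOPSIS
my @who = ('bronto', 'Marco', 'Marongiu', 'Los Angeles');
for my $pw ('My!Pass1', 'a1&a1&', 'aaaaa1!', '1ocram!9', 'rco#7ma') {
    printf "%-10s => %d\n", $pw, basic_check(6, 8, .5, $pw, @who);
}
```

The last two samples hide "marco" as a reversal and as a rotation, which is why the personal-information check works on the cleaned string rather than on the password as typed.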

TO DO

  • Write better documentation!

SEE ALSO

The book Essential System Administration, by Aeleen Frisch, printed by O'Reilly and Associates;

The PerlMonks web site, http://www.perlmonks.org/, where the ideas behind this module have been largely discussed.

Many people among the Italian Perl Mongers, whom you can find on IRC on the channel #nordest.pm on slashnet.

AUTHOR

Marco Marongiu, <bronto@cpan.org>

COPYRIGHT AND LICENSE

Copyright 2003 by Marco Marongiu

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
