NAME

Data::Password::zxcvbn::MatchList - a collection of matches for a password

VERSION

version 1.1.2

SYNOPSIS

use Data::Password::zxcvbn::MatchList;

my $list = Data::Password::zxcvbn::MatchList->omnimatch($password)
            ->most_guessable_match_list;

DESCRIPTION

zxcvbn estimates the strength of a password by guessing which way a generic password cracker would produce it, and then guessing after how many tries it would produce it.

This class represents a list of guesses ("matches"), covering different substrings of a password.

ATTRIBUTES

password

Required string, the password this list is about.

matches

Arrayref, the actual list of matches.

guesses

The estimated number of attempts that a generic password cracker would need to guess the whole "password". This will be set for objects returned by "most_guessable_match_list", not for those returned by "omnimatch".

METHODS

omnimatch

my $match_list = Data::Password::zxcvbn::MatchList->omnimatch($password,\%opts);

Main constructor (the name comes from the original JS implementation). Calls ->make($password,\%opts) on all the Data::Password::zxcvbn::Match::* classes (or the ones in @{$opts{modules}}), combines all the matches, and returns a MatchList holding them.

most_guessable_match_list

my $minimal_list = $match_list->most_guessable_match_list;

This method extracts, from the "matches" of the invocant, a list of non-overlapping matches with minimum guesses. That list should represent the way that a generic password cracker would guess the "password", and as such is the one that the main function will use.

guesses_log10

The logarithm in base 10 of "guesses".

score

my $score = $match_list->score;

Returns an integer from 0-4 (useful for implementing a strength bar). See Data::Password::zxcvbn::TimeEstimate::guesses_to_score.

get_feedback

my %feedback = %{ $match_list->get_feedback };

my %feedback = %{ $match_list->get_feedback($max_score_for_feedback) };

If there's no matches, returns the result of "feedback_for_no_matches".

If the match list "score" is above $max_score_for_feedback (default 2), returns the result of "feedback_above_threshold".

Otherwise, collects all the feedback from the "matches", and returns it, merged with the result of "feedback_below_threshold" (suggestions are appended, but the warning from the matches takes precendence).

feedback_for_no_matches

Returns a feedback for when the password didn't match any of our heuristics. It contains no warning, and some simple common suggestions.

feedback_above_threshold

Returns a feedback for when the password scored above the threshold passed to "get_feedback" (i.e. the password is "good"). It's an empty feedback.

feedback_below_threshold

Returns a feedback for when the password scored below the threshold passed to "get_feedback" (i.e. the password is "bad"). It suggests to add some words.

AUTHOR

Gianni Ceccarelli <gianni.ceccarelli@broadbean.com>

COPYRIGHT AND LICENSE

This software is copyright (c) 2022 by BroadBean UK, a CareerBuilder Company.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.