You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jul 25, 2019. It is now read-only.
importcom.codahale.passpol.BreachDatabase;
importcom.codahale.passpol.PasswordPolicy;
classExample {
voiddoIt() {
finalPasswordPolicypolicy = newPasswordPolicy(BreachDatabase.haveIBeenPwned(5), 8, 64);
// validate good passwordsSystem.out.println(policy.check("this is a good, long password"));
// validate bad passwordsSystem.out.println(policy.check("password"));
// convert a unicode password to a normalized byte array suitable for hashingfinalbyte[] bytes = PasswordPolicy.normalize("✊🏻 unicode 🔥 password");
}
}
How it works
PasswordPolicy checks passwords for minimum and maximum length (i.e. the number of Unicode
codepoints in the string) and can check a set of breach databases to see if the password has been
made public.
The built-in breach databases include an offline list of 100,000 weak passwords from the SecList
Project's collection of breached passwords.
PasswordPolicy also provides the means to normalize Unicode passwords into a canonical byte array
representation suitable for inputting into a password hashing algorithm like bcrypt.
