static string generatePassword(PasswordStrength passwordStrength)
{
const string charsForEasy = "abcdefghijklmnopqrstuvwxyz";
const string charsForNormal = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
const string charsForHard = charsForEasy + charsForNormal + "!@#$%^&*()_+/\\|";
switch (passwordStrength)
{
case PasswordStrength.easy:
return(new string(Enumerable.Repeat(charsForEasy, 6)
.Select(s => s[random.Next(s.Length)])
.ToArray()));
case PasswordStrength.normal:
return(new string(Enumerable.Repeat(charsForNormal, random.Next(6, 10))
.Select(s => s[random.Next(s.Length)])
.ToArray()));
case PasswordStrength.hard:
default:
return(new string(Enumerable.Repeat(charsForHard, random.Next(10, 30))
.Select(s => s[random.Next(s.Length)])
.ToArray()));
}
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength result = PasswordStrengthUtils.CalculatePasswordStrength((string)value);
int rs = 0;
switch (result)
{
case PasswordStrength.Invalid:
rs = 0;
break;
case PasswordStrength.VeryWeak:
rs = 1;
break;
case PasswordStrength.Weak:
rs = 2;
break;
case PasswordStrength.Average:
rs = 3;
break;
case PasswordStrength.Strong:
rs = 4;
break;
case PasswordStrength.VeryStrong:
rs = 5;
break;
}
return((int)rs);
}
static string generatePassword(PasswordStrength passwordStrenght, string unsecurePassword)
{
// easy lozinkata treba da ima do 6 znaci ( samo mali bukvi )
// normal lozinkata treba da ima od 6 do 10 znaci (da sodrzhi golemi bukvi i
// brojki
// hard loznikata treba da ima povekje od 10 znaci i da sodrzhi mali , golemi
// bukvi i specijalni znaci
StringBuilder password = new StringBuilder();
Random rand = new Random();
const string SpecialCharacters = "!@#$%^&*()";
if (passwordStrenght == PasswordStrength.Easy)
{
int length = rand.Next(3, 6);
for (int i = 0; i < length; i++)
{
char c = new Char();
c = unsecurePassword[rand.Next(unsecurePassword.Length)];
password.Append(((rand.Next(32) % 2 == 0) && (Char.IsLower(c))) ? c : Char.ToUpper(c));
}
}
else if (passwordStrenght == PasswordStrength.Normal)
{
int length = rand.Next(6, 10);
for (int i = 0; i < length; i++)
{
char c = new Char();
c = unsecurePassword[rand.Next(unsecurePassword.Length)];
if ((rand.Next(32) % 2 == 0) && (Char.IsLower(c)))
{
password.Append(Char.ToUpper(c));
}
else
{
password.Append(c);
}
}
}
else
{
int length = rand.Next(10, 15);
for (int i = 0; i < length; i++)
{
if (i % 2 == 0)
{
password.Append(SpecialCharacters[rand.Next(SpecialCharacters.Length)]);
// nekoja logika pak, za generirranje na znak od const nizata gore
}
else
{
char c = new Char();
c = unsecurePassword[rand.Next(unsecurePassword.Length)];
password.Append(((rand.Next(32) % 2 == 0) && (Char.IsLower(c))) ? c : Char.ToUpper(c));
// nekoja moja logika za generiranje na random mala ili golema
}
}
}
return(password.ToString());
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength result = PasswordStrengthUtils.CalculatePasswordStrength((string)value);
string rs = null;
switch (result)
{
case PasswordStrength.Invalid:
rs = "Invalid";
break;
case PasswordStrength.VeryWeak:
rs = "VeryWeak";
break;
case PasswordStrength.Weak:
rs = "Weak";
break;
case PasswordStrength.Average:
rs = "Average";
break;
case PasswordStrength.Strong:
rs = "Strong";
break;
case PasswordStrength.VeryStrong:
rs = "VeryStrong";
break;
}
return(rs);
}
public static string PasswordHint(PasswordStrength passwordStrength)
{
string result = "";
switch (passwordStrength)
{
case PasswordStrength.Blank:
result = "允許空白密碼";
break;
case PasswordStrength.VeryWeak:
result = "密碼長度小於5個字元 或者 具有一個字母字元 或者 具有一個數字字元";
break;
case PasswordStrength.Weak:
result = "密碼長度至少5個字元 並且符合這裡其中一個條件 : 密碼長度大於等於 8 個字元、大寫、小寫、數字、特殊符號";
break;
case PasswordStrength.Medium:
result = "密碼長度至少5個字元 並且符合這裡其中兩個個條件 : 密碼長度大於等於 8 個字元、大寫、小寫、數字、特殊符號";
break;
case PasswordStrength.Strong:
result = "密碼長度至少8個字元 並且符合這裡其中三個個條件 : 密碼長度大於等於 8 個字元、大寫、小寫、數字、特殊符號";
break;
case PasswordStrength.VeryStrong:
result = "密碼長度至少8個字元 並且符合這裡所有條件 : 密碼長度大於等於 8 個字元、大寫、小寫、數字、特殊符號";
break;
default:
break;
}
return(result);
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
if (value == null)
{
return(null);
}
string pass = (string)value;
PasswordStrength strength = PasswordStrengthUtils.CalculatePasswordStrength(pass);
switch (strength)
{
case PasswordStrength.Invalid: return("Transparent");
case PasswordStrength.VeryWeak: return("Red");
case PasswordStrength.Weak: return("Orange");
case PasswordStrength.Average: return("Yellow");
case PasswordStrength.Strong: return("YellowGreen");
case PasswordStrength.VeryStrong: return("Green");
default: return("Gray");
}
}
protected void Page_Load(object sender, EventArgs e)
{
WebJsonResponse ret = null;
try
{
String p = Tools.Tool.TrataInjection(Request["password"]);
PasswordStrength pwdcheck = new PasswordStrength();
pwdcheck.SetPassword(p);
Color cor = pwdcheck.GetStrengthColor();
ret = new WebJsonResponse("#passwordStrength", "<label>" + MessageResource.GetMessage("password_strength") + "</label><div class=\"form-group-content\"><span>" + pwdcheck.GetPasswordStrength() + "</span><div class=\"bar\" style=\"background: rgb(" + cor.R + "," + cor.G + "," + cor.B + ")\"></div></div>");
}
catch (Exception ex)
{
Tools.Tool.notifyException(ex);
throw ex;
}
if (ret != null)
{
ReturnHolder.Controls.Add(new LiteralControl(ret.ToJSON()));
}
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength result = PasswordStrengthUtils.CalculatePasswordStrength((string)value);
SolidColorBrush rs = null;
switch (result)
{
case PasswordStrength.Invalid:
rs = new SolidColorBrush(Colors.Red);
break;
case PasswordStrength.VeryWeak:
rs = new SolidColorBrush(Colors.Orange);
break;
case PasswordStrength.Weak:
rs = new SolidColorBrush(Colors.Yellow);
break;
case PasswordStrength.Average:
rs = new SolidColorBrush(Colors.LightBlue);
break;
case PasswordStrength.Strong:
rs = new SolidColorBrush(Colors.LightGreen);
break;
case PasswordStrength.VeryStrong:
rs = new SolidColorBrush(Colors.Green);
break;
}
return(rs);
}
object IValueConverter.Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength ret = PasswordStrengthUtils.CalculatePasswordStrength((string)value);
switch (ret)
{
case PasswordStrength.VeryWeak:
return(20);
case PasswordStrength.Weak:
return(40);
case PasswordStrength.Average:
return(60);
case PasswordStrength.Strong:
return(80);
case PasswordStrength.VeryStrong:
return(100);
default:
return(null);
}
}
public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordReq input)
{
if (!ModelState.IsValid)
{
return(BadRequest(new Response {
Success = false, ErrorMessage = "The details provided are not complete."
}));
}
if (input.Password != input.ConfirmPassword)
{
return(BadRequest("Password and Confirmed password must be identical"));
}
if (!PasswordStrength.CheckPasswordComplexity(input.Password))
{
return(BadRequest("Password not strong enough."));
}
input.Token = System.Net.WebUtility.UrlDecode(input.Token);
if (await _loginService.ResetPasswordAsync(input))
{
return(Ok(new Response {
Success = true
}));
}
return(StatusCode(500, new Response {
Success = false, ErrorMessage = "Something went wrong while trying to reset your password."
}));
}
object IValueConverter.Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength ret = PasswordStrengthUtils.CalculatePasswordStrength((string)value);
switch (ret)
{
case PasswordStrength.VeryWeak:
return((SolidColorBrush)(new BrushConverter().ConvertFrom("#f54842")));
case PasswordStrength.Weak:
return((SolidColorBrush)(new BrushConverter().ConvertFrom("#f57542")));
case PasswordStrength.Average:
return((SolidColorBrush)(new BrushConverter().ConvertFrom("#f5da42")));
case PasswordStrength.Strong:
return((SolidColorBrush)(new BrushConverter().ConvertFrom("#7bf542")));
case PasswordStrength.VeryStrong:
return((SolidColorBrush)(new BrushConverter().ConvertFrom("#237529")));
default:
return(null);
}
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
PasswordStrength passwordStrength = (PasswordStrength)value;
switch (passwordStrength)
{
case PasswordStrength.Invalid:
return(new SolidColorBrush(Color.FromArgb(0, 0, 0, 0)));
case PasswordStrength.VeryWeak:
return(new SolidColorBrush(Color.FromArgb(255, 255, 0, 0)));
case PasswordStrength.Weak:
return(new SolidColorBrush(Color.FromArgb(255, 245, 111, 66)));
case PasswordStrength.Average:
return(new SolidColorBrush(Color.FromArgb(255, 245, 200, 66)));
case PasswordStrength.Strong:
return(new SolidColorBrush(Color.FromArgb(255, 170, 245, 66)));
case PasswordStrength.VeryStrong:
return(new SolidColorBrush(Color.FromArgb(255, 0, 255, 0)));
default:
return(new SolidColorBrush(Color.FromArgb(0, 0, 0, 0)));
}
}
private static String GenerateRandomPassword(PasswordStrength passwordStrength)
{
StringBuilder sb = new StringBuilder();
Random smallLettersGenerator = new Random();
Random capitalLettersGenerator = new Random();
Random specialCharsGenerator = new Random();
Random choiceGenerator = new Random();
Random passwordLength = new Random();
if (passwordStrength == PasswordStrength.Easy)
{
int length = passwordLength.Next(1, 7); // 1-6
for (int i = 1; i <= length; ++i)
{
sb.Append((char)smallLettersGenerator.Next(97, 123)); // 97-122
}
}
else if (passwordStrength == PasswordStrength.Normal)
{
int length = passwordLength.Next(6, 10);
Random numbersGenerator = new Random();
for (int i = 1; i <= length; ++i)
{
int choice = choiceGenerator.Next(0, 2); // 0-1
if (choice == 0)
{
sb.Append((char)capitalLettersGenerator.Next(65, 91)); // 65-90
}
if (choice == 1)
{
sb.Append((char)numbersGenerator.Next(48, 58)); // 48-57
}
}
}
else if (passwordStrength == PasswordStrength.Hard)
{
int length = passwordLength.Next(10, 31); // 10-30
for (int i = 1; i <= length; ++i)
{
int choice = choiceGenerator.Next(0, 3); // 0-2
if (choice == 0)
{
sb.Append((char)capitalLettersGenerator.Next(65, 91)); // 65-90
}
if (choice == 1)
{
sb.Append((char)specialCharsGenerator.Next(33, 48)); // 33-47
}
if (choice == 2)
{
sb.Append((char)smallLettersGenerator.Next(97, 123)); // 97-122
}
}
}
return(sb.ToString());
}
public PasswordStrengthControl()
{
InitializeComponent();
pwdStrength = new PasswordStrength();
pwdStrength.SetPassword(" ");
UpdateControl();
}
static string generatePassword(PasswordStrength passwordStrength)
{
switch (passwordStrength)
{
case PasswordStrength.easy:
return(getPassword(1, 6, true, false, false, false));
}
return(null);
}
private bool ConformsLevel(PasswordStrength strength, int length, int distinctCount, CharOptions charOptions)
{
StrengthLevelData levelStt = _settings.StrengthLevels.FirstOrDefault(lvl => lvl.Strength == strength);
if (levelStt != null && levelStt.Conforms(length, distinctCount, charOptions))
{
return(true);
}
return(false);
}
public object Convert(object value, Type targetType, object parameter, CultureInfo culture)
{
if (value == null)
{
return(null);
}
string pass = (string)value;
PasswordStrength strength = PasswordStrengthUtils.CalculatePasswordStrength(pass);
return(strength.ToString());
}
public async Task GetPasswordHint()
{
if (AccountPolicyAdapterModel == null)
{
AccountPolicyAdapterModel =
await AccountPolicyService.GetAsync();
}
PasswordStrength passwordStrength = (PasswordStrength)AccountPolicyAdapterModel.PasswordComplexity;
PasswordHint = PasswordCheck.PasswordHint(passwordStrength);
}
public void Test_WithSymbolsAndSpecSymbols_Paranoid()
{
// Arrange
string psw = "Ent123@123©asfafwq©";
// Act
var result = PasswordStrength.CheckPasswordStrength(psw);
// Assert
Assert.AreEqual("Параноик", Convert.ToString(result));
}
public void Test_WithSymbols_Hight()
{
// Arrange
string psw = "Ent12?3123@asfafwq*";
// Act
var result = PasswordStrength.CheckPasswordStrength(psw);
// Assert
Assert.AreEqual("Отличный", Convert.ToString(result));
}
public void Test_Ent123_Hight()
{
// Arrange
string psw = "Ent123";
// Act
var result = PasswordStrength.CheckPasswordStrength(psw);
// Assert
Assert.AreEqual("Высокий", Convert.ToString(result));
}
public void Test_Ent_Short()
{
// Arrange
string psw = "Ent";
// Act
var result = PasswordStrength.CheckPasswordStrength(psw);
// Assert
Assert.AreEqual("Короткий", Convert.ToString(result));
}
public async Task GetPasswordHint()
{
if (systemEnvironmentAdapterModel == null)
{
systemEnvironmentAdapterModel =
await SystemEnvironmentService.GetAsync();
}
PasswordStrength passwordStrength = (PasswordStrength)systemEnvironmentAdapterModel.PasswordComplexity;
PasswordHint = PasswordCheck.PasswordHint(passwordStrength);
}
public static String psw(PasswordStrength p)
{
String pass = "";
StringBuilder sb = new StringBuilder();
Random ran = new Random();
if (p == PasswordStrength.easy)
{
for (int i = 0; i < 6; i++)
{
char c = Convert.ToChar(ran.Next(97, 123));
sb.Append(c);
}
}
else if (p == PasswordStrength.normal)
{
for (int i = 0; i < Convert.ToInt32(ran.Next(6, 11)); i++)
{
int k = ran.Next(1, 3);
char c = Convert.ToChar(0);
if (k == 1)
{
c = Convert.ToChar(ran.Next(65, 91));
}
if (k == 2)
{
c = Convert.ToChar(ran.Next(48, 58));
}
sb.Append(c);
}
}
else if (p == PasswordStrength.hard)
{
for (int i = 0; i < Convert.ToInt32(ran.Next(10, 16)); i++)
{
int k = ran.Next(1, 4);
char c = Convert.ToChar(0);
if (k == 1)
{
c = Convert.ToChar(ran.Next(65, 91));
}
if (k == 2)
{
c = Convert.ToChar(ran.Next(48, 58));
}
if (k == 3)
{
c = Convert.ToChar(ran.Next(97, 123));
}
sb.Append(c);
}
}
return(sb.ToString());
}
public void _25_WhenGivenAWeakPassword_SholudReturnWeak()
{
// Arrange
string pw = "ABC";
PasswordStrength expected = PasswordStrength.Weak;
// Act
PasswordStrength actual = Ex25.ValidatePassword(pw);
// Assert
Assert.AreEqual(expected, actual);
}
private void passwordTxt_TextChanged(object sender, EventArgs e)
{
var passGen = new PasswordGenerator();
strength = passGen.DetermineStrength(passwordTxt.Text.ToString());
passwordStrengthLbl.Text = "Password Strength: " + strength.ToString(); //dynamically update the strength of the password
if (retypedPassTxt.Text != "")
{
passwordsMatchTxt.Text = passwordTxt.Text == retypedPassTxt.Text ? "Passwords match" : "Passwords do not match";
}
}
public void _25_WhenGivenAVeryStrongPassword_SholudReturnVeryStrong()
{
// Arrange
string pw = "ABCD1234&";
PasswordStrength expected = PasswordStrength.VeryStrong;
// Act
PasswordStrength actual = Ex25.ValidatePassword(pw);
// Assert
Assert.AreEqual(expected, actual);
}
public void passwordStrengthTest()
{
var p = new PasswordStrength();
Assert.AreEqual(36.58319925463717, p.passwordStrength("abcc73?"));
Assert.AreEqual(8.101319154423278, p.passwordStrength("aaa"));
Assert.AreEqual(24.303957463269832, p.passwordStrength("aaaaaaaaa"));
Assert.AreEqual(41.29049610144165, p.passwordStrength("abcdefghi"));
Assert.AreEqual(72.2186525635304, p.passwordStrength("H0ley$Mol3y_"));
Assert.AreEqual(97.21582985307933, p.passwordStrength("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"));
Assert.AreEqual(146.8422482902136, p.passwordStrength("aaaaaaaaaaaaaaaaaaaaAaaaaaaaaaaaaaaa"));
}
/// <summary>Given a <see cref="PasswordStrength"/>, returns a description of the strength level.</summary>
public static string GetPasswordStrengthDescription(PasswordStrength strength)
{
switch(strength)
{
case PasswordStrength.Blank: return "extremely weak!";
case PasswordStrength.VeryWeak: return "very weak!";
case PasswordStrength.Weak: return "weak!";
case PasswordStrength.Moderate: return "moderate";
case PasswordStrength.Strong: return "strong";
case PasswordStrength.VeryStrong: return "very strong";
default: throw new NotImplementedException("Unknown password strength.");
}
}
public async Task <IActionResult> Register([FromBody] RegisterReq registerModel)
{
if (ModelState.IsValid)
{
//1. Check if user already exists
if (!await _registerService.CheckIfUserExistsAsync(registerModel.UserName))
{
//2. Check if password is strong enough
if (PasswordStrength.CheckPasswordComplexity(registerModel.PassWord) &&
registerModel.UserName.EndsWith("@consid.se"))
{
//3. Create new identity user
var user = await _registerService.RegisterNewUserAsync(registerModel);
if (user != null)
{
//Send confirmationlink to email address
//var token = await _registerService.GenerateEmailTokenAsync(user);
//var link = Url.Action(action: "ConfirmEmail", controller: "Register",
// new { userId = user.Id, token = token }, Request.Scheme);
//await _registerService.SendEmailConfirmationAsync(user, link);
//Write confirmationlink to file in MyPictures
//var filePath = Environment.GetFolderPath(Environment.SpecialFolder.MyPictures);
//System.IO.File.WriteAllText(Path.Combine(filePath, $"ConfirmEmail---{user.Id}.txt"), link);
return(Created("", new Response {
Success = true
}));
}
}
return(BadRequest(new Response
{
Success = false, ErrorMessage = "Password not strong enough or invalid email-address"
}));
}
return(BadRequest(new Response
{
Success = false, ErrorMessage = "A user with the submitted email-address already exists"
}));
}
return(BadRequest(new Response
{
Success = false, ErrorMessage = "Both email and password must be submitted"
}));
}
public PasswordStrengthValidator(ModelMetadata modelMetadata, ControllerContext controllerContext, PropertyInfo targetProperty, PasswordStrengthAttribute targetAttribute)
: base(modelMetadata, controllerContext)
{
if (targetProperty == null) throw new ArgumentNullException("targetProperty");
_targetProperty = targetProperty;
MinStrength = targetAttribute.MinStrength;
if (string.IsNullOrEmpty(targetAttribute.ErrorMessage))
{
ErrorMessage = _defaultMessage;
}
else
{
ErrorMessage = targetAttribute.ErrorMessage;
}
}
/// <summary>
/// Generates a password dependent upon the strength setting passed.
/// </summary>
/// <param name="passwordStrength">The required password strength.</param>
/// <returns></returns>
public static string GeneratePassword(PasswordStrength passwordStrength)
{
int passwordLength;
switch (passwordStrength)
{
case PasswordStrength.Low:
passwordLength = 4;
break;
case PasswordStrength.Medium:
passwordLength = 6;
break;
case PasswordStrength.Strong:
passwordLength = 8;
break;
case PasswordStrength.SuperStrong:
passwordLength = 10;
break;
default:
passwordLength = 10;
break;
}
var random = new Random();
var chars = new char[passwordLength];
for (var i = 0; i < passwordLength; i++)
{
chars[i] = PasswordChars[random.Next(0, PasswordChars.Length)];
}
var password = new string(chars);
if (GetPasswordStrength(password) == (int) passwordStrength)
return password;
return GeneratePassword(passwordStrength);
}
public PasswordStrengthAttribute(PasswordStrength minStrength)
{
MinStrength = minStrength;
}
public PasswordStrengthControl()
{
InitializeComponent();
pwdStrength = new PasswordStrength();
pwdStrength.SetPassword(" ");
UpdateControl();
}
private bool ConformsLevel(PasswordStrength strength, int length, int distinctCount, CharOptions charOptions)
{
StrengthLevelData levelStt = _settings.StrengthLevels.FirstOrDefault(lvl => lvl.Strength == strength);
if (levelStt != null && levelStt.Conforms(length, distinctCount, charOptions))
return true;
return false;
}
