table of contents
| Data::Password::zxcvbn::Match::UserInput(3pm) | User Contributed Perl Documentation | Data::Password::zxcvbn::Match::UserInput(3pm) |
NAME¶
Data::Password::zxcvbn::Match::UserInput - match class for words that match other user-supplied information
VERSION¶
version 1.1.2
DESCRIPTION¶
This class represents the guess that a certain substring of a password can be guessed by using other pieces of information related to the user: their account name, real name, location, &c.
This is a subclass of "Data::Password::zxcvbn::Match::Dictionary".
METHODS¶
"make"¶
my @matches = @{ Data::Password::zxcvbn::Match::UserInput->make(
$password,
{
user_input => \%user_input,
# this is the default
l33t_table => \%Data::Password::zxcvbn::Match::Dictionary::l33t_table,
},
) };
The %user_input hash should be a simple hash mapping field names to strings. It will be converted into a set of dictionaries, one per key, containing words extracted from the strings. For example
{ name => 'Some One', address => '123 Place Street' }
will become:
{ name => { Some => 1, One => 1 },
address => { 123 => 1, Place => 1, Street => 1 } }
All words get rank 1 because they're obvious guesses from a cracker's point of view.
The rest of the logic is the same as for "Dictionary".
"feedback_warning"¶
The warnings for this class are very similar to those for "Dictionary", but they explicitly mention the field name. Warnings look like:
['The value of the [_1] field is easy to guess','address']
so your localisation library can translate the warning and the field name separately.
AUTHOR¶
Gianni Ceccarelli <gianni.ceccarelli@broadbean.com>
COPYRIGHT AND LICENSE¶
This software is copyright (c) 2022 by BroadBean UK, a CareerBuilder Company.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
| 2023-04-04 | perl v5.36.0 |