rootless
/
password-strength


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596
							package main

import (
	"flag"
	"fmt"
	"github.com/trustelem/zxcvbn"
	"math"
	"os"
	"passphrase-entropy/packages/haveibeenpwned"
	"strings"
)

func contains(arr [3]string, str string) bool {
	for _, a := range arr {
		if a == str {
			return true
		}
	}
	return false
}

func myUsage() {
	fmt.Println("usage: passphrase-strength <command> [<args>]")
	fmt.Println("Available commands are: ")
	fmt.Println(" diceware   Calculate strength of a diceware passphrase")
	fmt.Println(" random     Calculate strength of a random string")
	fmt.Println(" invented   Calculate strength of an invented passphrase")
}

func secondsToHuman(guesses float64) (result string) {
	minute := float64(60)
	hour := minute * 60
	day := hour * 24
	month := day * 31
	year := month * 12
	century := year * 100
	if guesses < 1 {
		result = "< 1 second"
	} else if guesses < minute {
		result = fmt.Sprintf("%d seconds", int(math.Round(guesses)))
	} else if guesses < hour {
		result = fmt.Sprintf("%d minutes", int(math.Round(guesses / minute)))
	} else if guesses < day {
		result = fmt.Sprintf("%d hours", int(math.Round(guesses / hour)))
	} else if guesses < month {
		result = fmt.Sprintf("%d days", int(math.Round(guesses / day)))
	} else if guesses < year {
		result = fmt.Sprintf("%d months", int(math.Round(guesses / month)))
	} else if guesses < century {
		result = fmt.Sprintf("%d years", int(math.Round(guesses / year)))
	} else {
		result = fmt.Sprintf("Centuries")
	}
	return
}

func main() {
	var passphrase, words string
	var pwnedFlag, haveIBeenPwned bool
	var err error

	flag.StringVar(&passphrase,"password", "", "the password")
	flag.StringVar(&words, "words", "", "used words")
	flag.BoolVar(&pwnedFlag, "pwned", false, "check if password has been seen before")
	flag.Parse()

	if len(os.Args) == 1 || passphrase == "" {
		flag.PrintDefaults()
		return
	}

	if pwnedFlag == true {
		haveIBeenPwned, err = pwned.IsPasswordCompromised(passphrase)
	}

	if err != nil {
		fmt.Println("Something went wrong.")
	} else {
		userInput := strings.Fields(words)
		strength := zxcvbn.PasswordStrength(passphrase, userInput)
		guesses := strength.Guesses
		fmt.Printf("\nPassword:\t\t%s\n", passphrase)
		fmt.Printf("Password strength:\t%d/4\n", strength.Score)

		fmt.Printf("Guesses Log10:\t\t%f\n", math.Log10(float64(guesses)))
		fmt.Println("\nGuess times")
		fmt.Printf("100 / h:\t\t%s\t(throttled online attack)\n",secondsToHuman(guesses * (3600 / 100)))
		fmt.Printf("10  / s:\t\t%s\t(unthrottled online attack)\n",secondsToHuman(guesses/10))
		fmt.Printf("10k / s:\t\t%s\t(offline attack, slow hash, many cores)\n",secondsToHuman(guesses / 1e4))
		fmt.Printf("10b / s:\t\t%s\t(offline attack, slow hash, many cores)\n",secondsToHuman(guesses / 1e10))
	}
	if haveIBeenPwned == true {
		fmt.Println("\nThis password has been compromised and should not be used.")
		return
	}
}