CoreID/app/assets/lib/zxcvbn/zxcvbn.js.map

27 lines
857 KiB
Plaintext
Raw Permalink Normal View History

2020-05-04 01:16:54 +00:00
{
"version": 3,
"sources": [
"node_modules/browserify/node_modules/browser-pack/_prelude.js",
"src/adjacency_graphs.coffee",
"src/feedback.coffee",
"src/frequency_lists.coffee",
"src/main.coffee",
"src/matching.coffee",
"src/scoring.coffee",
"src/time_estimates.coffee"
],
"names": [],
"mappings": "AAAA;ACCA,GAAA,iBAAA,mBACE,QAAS,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAO,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,MAAO,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,OAAQ,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,OAAQ,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,OACx9H,QAAS,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,MAAO,KAAO,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,MAAO,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,KAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,MAAO,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,OAAQ,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,KAAM,KAAM,KAAM,MAAO,GAAM,KAAM,KAAM,K
"file": "generated.js",
"sourceRoot": "",
"sourcesContent": [
"(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require==\"function\"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error(\"Cannot find module '\"+o+\"'\");throw f.code=\"MODULE_NOT_FOUND\",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require==\"function\"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})",
"# generated by scripts/build_keyboard_adjacency_graphs.py\nadjacency_graphs = \n qwerty: {\"!\": [\"`~\", null, null, \"2@\", \"qQ\", null], \"\\\"\": [\";:\", \"[{\", \"]}\", null, null, \"/?\"], \"#\": [\"2@\", null, null, \"4$\", \"eE\", \"wW\"], \"$\": [\"3#\", null, null, \"5%\", \"rR\", \"eE\"], \"%\": [\"4$\", null, null, \"6^\", \"tT\", \"rR\"], \"&\": [\"6^\", null, null, \"8*\", \"uU\", \"yY\"], \"'\": [\";:\", \"[{\", \"]}\", null, null, \"/?\"], \"(\": [\"8*\", null, null, \"0)\", \"oO\", \"iI\"], \")\": [\"9(\", null, null, \"-_\", \"pP\", \"oO\"], \"*\": [\"7&\", null, null, \"9(\", \"iI\", \"uU\"], \"+\": [\"-_\", null, null, null, \"]}\", \"[{\"], \",\": [\"mM\", \"kK\", \"lL\", \".>\", null, null], \"-\": [\"0)\", null, null, \"=+\", \"[{\", \"pP\"], \".\": [\",<\", \"lL\", \";:\", \"/?\", null, null], \"/\": [\".>\", \";:\", \"'\\\"\", null, null, null], \"0\": [\"9(\", null, null, \"-_\", \"pP\", \"oO\"], \"1\": [\"`~\", null, null, \"2@\", \"qQ\", null], \"2\": [\"1!\", null, null, \"3#\", \"wW\", \"qQ\"], \"3\": [\"2@\", null, null, \"4$\", \"eE\", \"wW\"], \"4\": [\"3#\", null, null, \"5%\", \"rR\", \"eE\"], \"5\": [\"4$\", null, null, \"6^\", \"tT\", \"rR\"], \"6\": [\"5%\", null, null, \"7&\", \"yY\", \"tT\"], \"7\": [\"6^\", null, null, \"8*\", \"uU\", \"yY\"], \"8\": [\"7&\", null, null, \"9(\", \"iI\", \"uU\"], \"9\": [\"8*\", null, null, \"0)\", \"oO\", \"iI\"], \":\": [\"lL\", \"pP\", \"[{\", \"'\\\"\", \"/?\", \".>\"], \";\": [\"lL\", \"pP\", \"[{\", \"'\\\"\", \"/?\", \".>\"], \"<\": [\"mM\", \"kK\", \"lL\", \".>\", null, null], \"=\": [\"-_\", null, null, null, \"]}\", \"[{\"], \">\": [\",<\", \"lL\", \";:\", \"/?\", null, null], \"?\": [\".>\", \";:\", \"'\\\"\", null, null, null], \"@\": [\"1!\", null, null, \"3#\", \"wW\", \"qQ\"], \"A\": [null, \"qQ\", \"wW\", \"sS\", \"zZ\", null], \"B\": [\"vV\", \"gG\", \"hH\", \"nN\", null, null], \"C\": [\"xX\", \"dD\", \"fF\", \"vV\", null, null], \"D\": [\"sS\", \"eE\", \"rR\", \"fF\", \"cC\", \"xX\"], \"E\": [\"wW\", \"3#\", \"4$\", \"rR\", \"dD\", \"sS\"], \"F\": [\"dD\", \"rR\", \"tT\", \"gG\", \"vV\", \"cC\"], \"G\": [\"fF\", \"tT\", \"yY\", \"hH\", \"bB\", \"vV\"], \"H\": [\"gG\", \"yY\", \"uU\", \"jJ\", \"nN\", \"bB\"], \"I\": [\"uU\", \"8*\", \"9(\", \"oO\", \"kK\", \"jJ\"], \"J\": [\"hH\", \"uU\", \"iI\", \"kK\", \"mM\", \"nN\"], \"K\": [\"jJ\", \"iI\", \"oO\", \"lL\", \",<\", \"mM\"], \"L\": [\"kK\", \"oO\", \"pP\", \";:\", \".>\", \",<\"], \"M\": [\"nN\", \"jJ\", \"kK\", \",<\", null, null], \"N\": [\"bB\", \"hH\", \"jJ\", \"mM\", null, null], \"O\": [\"iI\", \"9(\", \"0)\", \"pP\", \"lL\", \"kK\"], \"P\": [\"oO\", \"0)\", \"-_\", \"[{\", \";:\", \"lL\"], \"Q\": [null, \"1!\", \"2@\", \"wW\", \"aA\", null], \"R\": [\"eE\", \"4$\", \"5%\", \"tT\", \"fF\", \"dD\"], \"S\": [\"aA\", \"wW\", \"eE\", \"dD\", \"xX\", \"zZ\"], \"T\": [\"rR\", \"5%\", \"6^\", \"yY\", \"gG\", \"fF\"], \"U\": [\"yY\", \"7&\", \"8*\", \"iI\", \"jJ\", \"hH\"], \"V\": [\"cC\", \"fF\", \"gG\", \"bB\", null, null], \"W\": [\"qQ\", \"2@\", \"3#\", \"eE\", \"sS\", \"aA\"], \"X\": [\"zZ\", \"sS\", \"dD\", \"cC\", null, null], \"Y\": [\"tT\", \"6^\", \"7&\", \"uU\", \"hH\", \"gG\"], \"Z\": [null, \"aA\", \"sS\", \"xX\", null, null], \"[\": [\"pP\", \"-_\", \"=+\", \"]}\", \"'\\\"\", \";:\"], \"\\\\\": [\"]}\", null, null, null, null, null], \"]\": [\"[{\", \"=+\", null, \"\\\\|\", null, \"'\\\"\"], \"^\": [\"5%\", null, null, \"7&\", \"yY\", \"tT\"], \"_\": [\"0)\", null, null, \"=+\", \"[{\", \"pP\"], \"`\": [null, null, null, \"1!\", null, null], \"a\": [null, \"qQ\", \"wW\", \"sS\", \"zZ\", null], \"b\": [\"vV\", \"gG\", \"hH\", \"nN\", null, null], \"c\": [\"xX\", \"dD\", \"fF\", \"vV\", null, null], \"d\": [\"sS\", \"eE\", \"rR\", \"fF\", \"cC\", \"xX\"], \"e\": [\"wW\", \"3#\", \"4$\", \"rR\", \"dD\", \"sS\"], \"f\": [\"dD\", \"rR\", \"tT\", \"gG\", \"vV\", \"cC\"], \"g\": [\"fF\", \"tT\", \"yY\", \"hH\", \"bB\", \"vV\"], \"h\": [\"gG\", \"yY\", \"uU\", \"jJ\", \"nN\", \"bB\"], \"i\": [\"uU\", \"8*\", \"9(\", \"oO\", \"kK\", \"jJ\"], \"j\": [\"hH\", \"uU\", \
"scoring = require('./scoring')\n\nfeedback =\n default_feedback:\n warning: ''\n suggestions: [\n \"Use a few words, avoid common phrases\"\n \"No need for symbols, digits, or uppercase letters\"\n ]\n\n get_feedback: (score, sequence) ->\n # starting feedback\n return @default_feedback if sequence.length == 0\n\n # no feedback if score is good or great.\n return if score > 2\n warning: ''\n suggestions: []\n\n # tie feedback to the longest match for longer sequences\n longest_match = sequence[0]\n for match in sequence[1..]\n longest_match = match if match.token.length > longest_match.token.length\n feedback = @get_match_feedback(longest_match, sequence.length == 1)\n extra_feedback = 'Add another word or two. Uncommon words are better.'\n if feedback?\n feedback.suggestions.unshift extra_feedback\n feedback.warning = '' unless feedback.warning?\n else\n feedback =\n warning: ''\n suggestions: [extra_feedback]\n feedback\n\n get_match_feedback: (match, is_sole_match) ->\n switch match.pattern\n when 'dictionary'\n @get_dictionary_match_feedback match, is_sole_match\n\n when 'spatial'\n layout = match.graph.toUpperCase()\n warning = if match.turns == 1\n 'Straight rows of keys are easy to guess'\n else\n 'Short keyboard patterns are easy to guess'\n warning: warning\n suggestions: [\n 'Use a longer keyboard pattern with more turns'\n ]\n\n when 'repeat'\n warning = if match.base_token.length == 1\n 'Repeats like \"aaa\" are easy to guess'\n else\n 'Repeats like \"abcabcabc\" are only slightly harder to guess than \"abc\"'\n warning: warning\n suggestions: [\n 'Avoid repeated words and characters'\n ]\n\n when 'sequence'\n warning: \"Sequences like abc or 6543 are easy to guess\"\n suggestions: [\n 'Avoid sequences'\n ]\n\n when 'regex'\n if match.regex_name == 'recent_year'\n warning: \"Recent years are easy to guess\"\n suggestions: [\n 'Avoid recent years'\n 'Avoid years that are associated with you'\n ]\n\n when 'date'\n warning: \"Dates are often easy to guess\"\n suggestions: [\n 'Avoid dates and years that are associated with you'\n ]\n\n get_dictionary_match_feedback: (match, is_sole_match) ->\n warning = if match.dictionary_name == 'passwords'\n if is_sole_match and not match.l33t and not match.reversed\n if match.rank <= 10\n 'This is a top-10 common password'\n else if match.rank <= 100\n 'This is a top-100 common password'\n else\n 'This is a very common password'\n else if match.guesses_log10 <= 4\n 'This is similar to a commonly used password'\n else if match.dictionary_name == 'english_wikipedia'\n if is_sole_match\n 'A word by itself is easy to guess'\n else if match.dictionary_name in ['surnames', 'male_names', 'female_names']\n if is_sole_match\n 'Names and surnames by themselves are easy to guess'\n else\n 'Common names and surnames are easy to guess'\n else\n ''\n\n suggestions = []\n word = match.token\n if word.match(scoring.START_UPPER)\n suggestions.push \"Capitalization doesn't help very much\"\n else if word.match(scoring.ALL_UPPER) and word.toLowerCase() != word\n suggestions.push \"All-uppercase is almost as easy to guess as all-lowercase\"\n\n if match.reversed and match.token.length >= 4\n suggestions.push \"Reversed words aren't much harder to guess\"\n if match.l33t\n suggestions.push \"Predictable substitutions like '@' instead of 'a' don't help very much\"\n\n result =\n warning: warning\n suggestions: suggestions\n result\n\nmodule.exports = feedback\n",
"# generated by build_frequency_lists.py\nfrequency_lists = \n passwords: \"123456,password,12345678,qwerty,123456789,12345,1234,111111,1234567,dragon,123123,baseball,abc123,football,monkey,letmein,shadow,master,696969,mustang,666666,qwertyuiop,123321,1234567890,pussy,superman,654321,1qaz2wsx,7777777,fuckyou,qazwsx,jordan,123qwe,000000,killer,trustno1,hunter,harley,zxcvbnm,asdfgh,buster,batman,soccer,tigger,charlie,sunshine,iloveyou,fuckme,ranger,hockey,computer,starwars,asshole,pepper,klaster,112233,zxcvbn,freedom,princess,maggie,pass,ginger,11111111,131313,fuck,love,cheese,159753,summer,chelsea,dallas,biteme,matrix,yankees,6969,corvette,austin,access,thunder,merlin,secret,diamond,hello,hammer,fucker,1234qwer,silver,gfhjkm,internet,samantha,golfer,scooter,test,orange,cookie,q1w2e3r4t5,maverick,sparky,phoenix,mickey,bigdog,snoopy,guitar,whatever,chicken,camaro,mercedes,peanut,ferrari,falcon,cowboy,welcome,sexy,samsung,steelers,smokey,dakota,arsenal,boomer,eagles,tigers,marina,nascar,booboo,gateway,yellow,porsche,monster,spider,diablo,hannah,bulldog,junior,london,purple,compaq,lakers,iceman,qwer1234,hardcore,cowboys,money,banana,ncc1701,boston,tennis,q1w2e3r4,coffee,scooby,123654,nikita,yamaha,mother,barney,brandy,chester,fuckoff,oliver,player,forever,rangers,midnight,chicago,bigdaddy,redsox,angel,badboy,fender,jasper,slayer,rabbit,natasha,marine,bigdick,wizard,marlboro,raiders,prince,casper,fishing,flower,jasmine,iwantu,panties,adidas,winter,winner,gandalf,password1,enter,ghbdtn,1q2w3e4r,golden,cocacola,jordan23,winston,madison,angels,panther,blowme,sexsex,bigtits,spanky,bitch,sophie,asdfasdf,horny,thx1138,toyota,tiger,dick,canada,12344321,blowjob,8675309,muffin,liverpoo,apples,qwerty123,passw0rd,abcd1234,pokemon,123abc,slipknot,qazxsw,123456a,scorpion,qwaszx,butter,startrek,rainbow,asdfghjkl,razz,newyork,redskins,gemini,cameron,qazwsxedc,florida,liverpool,turtle,sierra,viking,booger,butthead,doctor,rocket,159357,dolphins,captain,bandit,jaguar,packers,pookie,peaches,789456,asdf,dolphin,helpme,blue,theman,maxwell,qwertyui,shithead,lovers,maddog,giants,nirvana,metallic,hotdog,rosebud,mountain,warrior,stupid,elephant,suckit,success,bond007,jackass,alexis,porn,lucky,scorpio,samson,q1w2e3,azerty,rush2112,driver,freddy,1q2w3e4r5t,sydney,gators,dexter,red123,123456q,12345a,bubba,creative,voodoo,golf,trouble,america,nissan,gunner,garfield,bullshit,asdfghjk,5150,fucking,apollo,1qazxsw2,2112,eminem,legend,airborne,bear,beavis,apple,brooklyn,godzilla,skippy,4815162342,buddy,qwert,kitten,magic,shelby,beaver,phantom,asdasd,xavier,braves,darkness,blink182,copper,platinum,qweqwe,tomcat,01012011,girls,bigboy,102030,animal,police,online,11223344,voyager,lifehack,12qwaszx,fish,sniper,315475,trinity,blazer,heaven,lover,snowball,playboy,loveme,bubbles,hooters,cricket,willow,donkey,topgun,nintendo,saturn,destiny,pakistan,pumpkin,digital,sergey,redwings,explorer,tits,private,runner,therock,guinness,lasvegas,beatles,789456123,fire,cassie,christin,qwerty1,celtic,asdf1234,andrey,broncos,007007,babygirl,eclipse,fluffy,cartman,michigan,carolina,testing,alexande,birdie,pantera,cherry,vampire,mexico,dickhead,buffalo,genius,montana,beer,minecraft,maximus,flyers,lovely,stalker,metallica,doggie,snickers,speedy,bronco,lol123,paradise,yankee,horses,magnum,dreams,147258369,lacrosse,ou812,goober,enigma,qwertyu,scotty,pimpin,bollocks,surfer,cock,poohbear,genesis,star,asd123,qweasdzxc,racing,hello1,hawaii,eagle1,viper,poopoo,einstein,boobies,12345q,bitches,drowssap,simple,badger,alaska,action,jester,drummer,111222,spitfire,forest,maryjane,champion,diesel,svetlana,friday,hotrod,147258,chevy,lucky1,westside,security,google,badass,tester,shorty,thumper,hitman,mozart,zaq12wsx,boobs,reddog,010203,lizard,a123456,123456789a,ruslan,eagle,1232323q,scarface,qwerty12,147852,a12345,buddha,porno,420420,spirit,money1,stargate,qwe123,naruto,mercury,liberty,12345qwert,semperfi,suzuki,popcorn,spooky,marley,scotland,kitty,cherokee,vikings,simpsons,rascal,qweasd,hummer,loveyou,michael1,patches,russia,jupiter,penguin,passion,cumshot,vfhbyf,honda,vladimir,sandman,passport,
"matching = require './matching'\nscoring = require './scoring'\ntime_estimates = require './time_estimates'\nfeedback = require './feedback'\n\ntime = -> (new Date()).getTime()\n\nzxcvbn = (password, user_inputs = []) ->\n start = time()\n # reset the user inputs matcher on a per-request basis to keep things stateless\n sanitized_inputs = []\n for arg in user_inputs\n if typeof arg in [\"string\", \"number\", \"boolean\"]\n sanitized_inputs.push arg.toString().toLowerCase()\n matching.set_user_input_dictionary sanitized_inputs\n matches = matching.omnimatch password\n result = scoring.most_guessable_match_sequence password, matches\n result.calc_time = time() - start\n attack_times = time_estimates.estimate_attack_times result.guesses\n for prop, val of attack_times\n result[prop] = val\n result.feedback = feedback.get_feedback result.score, result.sequence\n result\n\nmodule.exports = zxcvbn\n",
"frequency_lists = require('./frequency_lists')\nadjacency_graphs = require('./adjacency_graphs')\nscoring = require('./scoring')\n\nbuild_ranked_dict = (ordered_list) ->\n result = {}\n i = 1 # rank starts at 1, not 0\n for word in ordered_list\n result[word] = i\n i += 1\n result\n\nRANKED_DICTIONARIES = {}\nfor name, lst of frequency_lists\n RANKED_DICTIONARIES[name] = build_ranked_dict lst\n\nGRAPHS =\n qwerty: adjacency_graphs.qwerty\n dvorak: adjacency_graphs.dvorak\n keypad: adjacency_graphs.keypad\n mac_keypad: adjacency_graphs.mac_keypad\n\nL33T_TABLE =\n a: ['4', '@']\n b: ['8']\n c: ['(', '{', '[', '<']\n e: ['3']\n g: ['6', '9']\n i: ['1', '!', '|']\n l: ['1', '|', '7']\n o: ['0']\n s: ['$', '5']\n t: ['+', '7']\n x: ['%']\n z: ['2']\n\nREGEXEN =\n recent_year: /19\\d\\d|200\\d|201\\d/g\n\nDATE_MAX_YEAR = 2050\nDATE_MIN_YEAR = 1000\nDATE_SPLITS =\n 4:[ # for length-4 strings, eg 1191 or 9111, two ways to split:\n [1, 2] # 1 1 91 (2nd split starts at index 1, 3rd at index 2)\n [2, 3] # 91 1 1\n ]\n 5:[\n [1, 3] # 1 11 91\n [2, 3] # 11 1 91\n ]\n 6:[\n [1, 2] # 1 1 1991\n [2, 4] # 11 11 91\n [4, 5] # 1991 1 1\n ]\n 7:[\n [1, 3] # 1 11 1991\n [2, 3] # 11 1 1991\n [4, 5] # 1991 1 11\n [4, 6] # 1991 11 1\n ]\n 8:[\n [2, 4] # 11 11 1991\n [4, 6] # 1991 11 11\n ]\n\nmatching =\n empty: (obj) -> (k for k of obj).length == 0\n extend: (lst, lst2) -> lst.push.apply lst, lst2\n translate: (string, chr_map) -> (chr_map[chr] or chr for chr in string.split('')).join('')\n mod: (n, m) -> ((n % m) + m) % m # mod impl that works for negative numbers\n sorted: (matches) ->\n # sort on i primary, j secondary\n matches.sort (m1, m2) ->\n (m1.i - m2.i) or (m1.j - m2.j)\n\n # ------------------------------------------------------------------------------\n # omnimatch -- combine everything ----------------------------------------------\n # ------------------------------------------------------------------------------\n\n omnimatch: (password) ->\n matches = []\n matchers = [\n @dictionary_match\n @reverse_dictionary_match\n @l33t_match\n @spatial_match\n @repeat_match\n @sequence_match\n @regex_match\n @date_match\n ]\n for matcher in matchers\n @extend matches, matcher.call(this, password)\n @sorted matches\n\n #-------------------------------------------------------------------------------\n # dictionary match (common passwords, english, last names, etc) ----------------\n #-------------------------------------------------------------------------------\n\n dictionary_match: (password, _ranked_dictionaries = RANKED_DICTIONARIES) ->\n # _ranked_dictionaries variable is for unit testing purposes\n matches = []\n len = password.length\n password_lower = password.toLowerCase()\n for dictionary_name, ranked_dict of _ranked_dictionaries\n for i in [0...len]\n for j in [i...len]\n if password_lower[i..j] of ranked_dict\n word = password_lower[i..j]\n rank = ranked_dict[word]\n matches.push\n pattern: 'dictionary'\n i: i\n j: j\n token: password[i..j]\n matched_word: word\n rank: rank\n dictionary_name: dictionary_name\n reversed: false\n l33t: false\n @sorted matches\n\n reverse_dictionary_match: (password, _ranked_dictionaries = RANKED_DICTIONARIES) ->\n reversed_password = password.split('').reverse().join('')\n matches = @dictionary_match reversed_password, _ranked_dictionaries\n for match in matches\n match.token = match.token.split('').reverse().join('') # reverse back\n match.reversed = true\n # map coordinates back to original string\n [match.i, match.j] = [\n password.length - 1 - match.j\n password.length - 1 - match.i\n ]\n @sorted matches\n\n set_user_input_dictionary: (ordered_list) ->\n RANKED_
"adjacency_graphs = require('./adjacency_graphs')\n\n# on qwerty, 'g' has degree 6, being adjacent to 'ftyhbv'. '\\' has degree 1.\n# this calculates the average over all keys.\ncalc_average_degree = (graph) ->\n average = 0\n for key, neighbors of graph\n average += (n for n in neighbors when n).length\n average /= (k for k,v of graph).length\n average\n\nBRUTEFORCE_CARDINALITY = 10\nMIN_GUESSES_BEFORE_GROWING_SEQUENCE = 10000\nMIN_SUBMATCH_GUESSES_SINGLE_CHAR = 10\nMIN_SUBMATCH_GUESSES_MULTI_CHAR = 50\n\nscoring =\n nCk: (n, k) ->\n # http://blog.plover.com/math/choose.html\n return 0 if k > n\n return 1 if k == 0\n r = 1\n for d in [1..k]\n r *= n\n r /= d\n n -= 1\n r\n\n log10: (n) -> Math.log(n) / Math.log(10) # IE doesn't support Math.log10 :(\n log2: (n) -> Math.log(n) / Math.log(2)\n\n factorial: (n) ->\n # unoptimized, called only on small n\n return 1 if n < 2\n f = 1\n f *= i for i in [2..n]\n f\n\n # ------------------------------------------------------------------------------\n # search --- most guessable match sequence -------------------------------------\n # ------------------------------------------------------------------------------\n #\n # takes a sequence of overlapping matches, returns the non-overlapping sequence with\n # minimum guesses. the following is a O(l_max * (n + m)) dynamic programming algorithm\n # for a length-n password with m candidate matches. l_max is the maximum optimal\n # sequence length spanning each prefix of the password. In practice it rarely exceeds 5 and the\n # search terminates rapidly.\n #\n # the optimal \"minimum guesses\" sequence is here defined to be the sequence that\n # minimizes the following function:\n #\n # g = l! * Product(m.guesses for m in sequence) + D^(l - 1)\n #\n # where l is the length of the sequence.\n #\n # the factorial term is the number of ways to order l patterns.\n #\n # the D^(l-1) term is another length penalty, roughly capturing the idea that an\n # attacker will try lower-length sequences first before trying length-l sequences.\n #\n # for example, consider a sequence that is date-repeat-dictionary.\n # - an attacker would need to try other date-repeat-dictionary combinations,\n # hence the product term.\n # - an attacker would need to try repeat-date-dictionary, dictionary-repeat-date,\n # ..., hence the factorial term.\n # - an attacker would also likely try length-1 (dictionary) and length-2 (dictionary-date)\n # sequences before length-3. assuming at minimum D guesses per pattern type,\n # D^(l-1) approximates Sum(D^i for i in [1..l-1]\n #\n # ------------------------------------------------------------------------------\n\n most_guessable_match_sequence: (password, matches, _exclude_additive=false) ->\n\n n = password.length\n\n # partition matches into sublists according to ending index j\n matches_by_j = ([] for _ in [0...n])\n for m in matches\n matches_by_j[m.j].push m\n # small detail: for deterministic output, sort each sublist by i.\n for lst in matches_by_j\n lst.sort (m1, m2) -> m1.i - m2.i\n\n optimal =\n # optimal.m[k][l] holds final match in the best length-l match sequence covering the\n # password prefix up to k, inclusive.\n # if there is no length-l sequence that scores better (fewer guesses) than\n # a shorter match sequence spanning the same prefix, optimal.m[k][l] is undefined.\n m: ({} for _ in [0...n])\n\n # same structure as optimal.m -- holds the product term Prod(m.guesses for m in sequence).\n # optimal.pi allows for fast (non-looping) updates to the minimization function.\n pi: ({} for _ in [0...n])\n\n # same structure as optimal.m -- holds the overall metric.\n g: ({} for _ in [0...n])\n\n # helper: considers whether a length-l sequence ending at match m is better (fewer guesses)\n # than previously encountered sequences, updating state if so.\n update = (m, l) =>\n k = m.j\n pi = @estimate_g
"time_estimates =\n estimate_attack_times: (guesses) ->\n crack_times_seconds =\n online_throttling_100_per_hour: guesses / (100 / 3600)\n online_no_throttling_10_per_second: guesses / 10\n offline_slow_hashing_1e4_per_second: guesses / 1e4\n offline_fast_hashing_1e10_per_second: guesses / 1e10\n\n crack_times_display = {}\n for scenario, seconds of crack_times_seconds\n crack_times_display[scenario] = @display_time seconds\n\n crack_times_seconds: crack_times_seconds\n crack_times_display: crack_times_display\n score: @guesses_to_score guesses\n\n\n guesses_to_score: (guesses) ->\n DELTA = 5\n if guesses < 1e3 + DELTA\n # risky password: \"too guessable\"\n 0\n else if guesses < 1e6 + DELTA\n # modest protection from throttled online attacks: \"very guessable\"\n 1\n else if guesses < 1e8 + DELTA\n # modest protection from unthrottled online attacks: \"somewhat guessable\"\n 2\n else if guesses < 1e10 + DELTA\n # modest protection from offline attacks: \"safely unguessable\"\n # assuming a salted, slow hash function like bcrypt, scrypt, PBKDF2, argon, etc\n 3\n else\n # strong protection from offline attacks under same scenario: \"very unguessable\"\n 4\n\n display_time: (seconds) ->\n minute = 60\n hour = minute * 60\n day = hour * 24\n month = day * 31\n year = month * 12\n century = year * 100\n [display_num, display_str] = if seconds < 1\n [null, 'less than a second']\n else if seconds < minute\n base = Math.round seconds\n [base, \"#{base} second\"]\n else if seconds < hour\n base = Math.round seconds / minute\n [base, \"#{base} minute\"]\n else if seconds < day\n base = Math.round seconds / hour\n [base, \"#{base} hour\"]\n else if seconds < month\n base = Math.round seconds / day\n [base, \"#{base} day\"]\n else if seconds < year\n base = Math.round seconds / month\n [base, \"#{base} month\"]\n else if seconds < century\n base = Math.round seconds / year\n [base, \"#{base} year\"]\n else\n [null, 'centuries']\n display_str += 's' if display_num? and display_num != 1\n display_str\n\nmodule.exports = time_estimates\n"
]
}