This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP Passfault/Roadmap"

From OWASP
Jump to: navigation, search
(Release 0.9)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
  
 +
 +
== Release 0.8 ==
 +
Goal: preparation for ESAPI
 +
* More meaningful word lists
 +
** Frequency lists: build lists of the most common words, names. (Done for English, Spainish)
 +
** Improved configuration of finders and wordlists
 +
 +
== Release 0.9 ==
 +
* UI improvements
 +
* Fix backlog of issues
 +
* experiment with configuration of wordlists
 +
 +
== Release 1.0 ==
 +
Goals: Enterprise Ready
 +
- UI improvements for learning better password strategies
 +
- Easier to configure and run, not requiring a developer to wire things up.
 +
 +
== Other Important Goals ==
 
* Javascript library generated by GWT and GWT Export.  Do you know GWT?  Please help us build a javascript version of passfault using GWT Exporter: https://code.google.com/p/gwt-exporter/
 
* Javascript library generated by GWT and GWT Export.  Do you know GWT?  Please help us build a javascript version of passfault using GWT Exporter: https://code.google.com/p/gwt-exporter/
 +
* OS system integration: 
 +
** Linux
 +
*** running passwd on linux runs passfault
 +
*** apt-get install passfault
 +
** Windows
 
* Document each pattern finder on the OWASP wiki.
 
* Document each pattern finder on the OWASP wiki.
* ESAPI Authenticator Decorator: Implement an ESAPI Authenticator that will enhance an existing authenticator with passfault implementing the "verifyPasswordStrength" method.
 
** A volunteer force from university of Florida has built this.  All that remains is to get it into ESAPI.
 
 
* JQuery Plugin: A JQuery plugin that will let a web site use either the passfault applet or a passfault JSON Service to analyze a password.
 
* JQuery Plugin: A JQuery plugin that will let a web site use either the passfault applet or a passfault JSON Service to analyze a password.
 
* Wordlists:  We can always use better word lists.  Contact us on the mailing list if you want to help.
 
* Wordlists:  We can always use better word lists.  Contact us on the mailing list if you want to help.
  
 
For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open
 
For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open

Latest revision as of 21:44, 24 February 2015


Release 0.8

Goal: preparation for ESAPI

  • More meaningful word lists
    • Frequency lists: build lists of the most common words, names. (Done for English, Spainish)
    • Improved configuration of finders and wordlists

Release 0.9

  • UI improvements
  • Fix backlog of issues
  • experiment with configuration of wordlists

Release 1.0

Goals: Enterprise Ready - UI improvements for learning better password strategies - Easier to configure and run, not requiring a developer to wire things up.

Other Important Goals

  • Javascript library generated by GWT and GWT Export. Do you know GWT? Please help us build a javascript version of passfault using GWT Exporter: https://code.google.com/p/gwt-exporter/
  • OS system integration:
    • Linux
      • running passwd on linux runs passfault
      • apt-get install passfault
    • Windows
  • Document each pattern finder on the OWASP wiki.
  • JQuery Plugin: A JQuery plugin that will let a web site use either the passfault applet or a passfault JSON Service to analyze a password.
  • Wordlists: We can always use better word lists. Contact us on the mailing list if you want to help.

For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open