This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Passfault
OWASP PassfaultOWASP Passfault evaluates the strength of passwords accurately enough to predict the time to crack. It makes creating passwords and password policies significantly more intuitive and simple. Passwords don't have to be annoying!
IntroductionOWASP Passfault is more ...
DescriptionWhen setting a password, OWASP Passfault examines the password, looking for common patterns. It than measures the size of the patterns and combinations of patterns. The end result is a more academic and accurate measurement of password strength. When setting a password policy, OWASP Passfault simplifies configuration to one simple meaningful measurement: the number of passwords found in the password patterns. This measurement is made more intuitive and meaningful with an estimated time to crack.
LicensingOWASP Passfault is free to use. It is licensed under the [Apache License version 2.0] . |
What is Passfault?OWASP Passfault provides:
PresentationArticlesYour Passwords don't Suck, its your Policies [ZDNet] Redefining Password Strength and Creation [MidsizeInsider, IBM] How long would it take to crack your password [Naked Security, Sophos]
|
Quick Download
Demo Page
Project Leader
Related Projects
Ohloh
ClassificationsDemo Site
To be extra cautious, download the code and execute it locally. (See the readme) https://github.com/c-a-m/passfault/blob/master/README.txt VolunteersOWASP Passfault is developed by a worldwide team of volunteers. The primary contributors to date have been:
Others
Release 0.8Goal: preparation for ESAPI
Release 0.9
Release 1.0Goals: Enterprise Ready - UI improvements for learning better password strategies - Easier to configure and run, not requiring a developer to wire things up. Other Important Goals
For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open
|