基本但合乎逻辑的:
enum PasswordScore
{
Blank = 0,
VeryWeak = 1,
Weak = 2,
Medium = 3,
Strong = 4,
VeryStrong = 5
}
public class PasswordAdvisor
{
public static PasswordScore CheckStrength(string password)
{
int score = 1;
if (password.Length < 1)
return PasswordScore.Blank;
if (password.Length < 4)
return PasswordScore.VeryWeak;
if (password.Length >= 8)
score++;
if (password.Length >= 12)
score++;
if (Regex.Match(password, @"/\d+/", RegexOptions.ECMAScript))
score++;
if (Regex.Match(password, @"/[a-z]/", RegexOptions.ECMAScript) &&
Regex.Match(password, @"/[A-Z]/", RegexOptions.ECMAScript))
score++;
if (Regex.Match(password, @"/.[!,@,#,$,%,^,&,*,?,_,~,-,£,(,)]/", RegexOptions.ECMAScript))
score++;
return (PasswordScore)score;
}
}
参考:http://passwordadvisor.com/CodeAspNet.aspx
"密码强度"是一个相当通用的术语,它可能意味着密码字符数,使用的字符范围(基数),破解(暴力)密码所需的时间等.
测量密码加密强度的最佳方法之一是计算密码的熵数位(尽管这通常对于测量随机密码更准确.否则会得到过高估计的熵结果),
// Only accurate for passwords in ASCII.
public double CalculateEntropy(string password)
{
var cardinality = 0;
// Password contains lowercase letters.
if (password.Any(c => char.IsLower(c)))
{
cardinality = 26;
}
// Password contains uppercase letters.
if (password.Any(c => char.IsUpper(c)))
{
cardinality += 26;
}
// Password contains numbers.
if (password.Any(c => char.IsDigit(c)))
{
cardinality += 10;
}
// Password contains symbols.
if (password.IndexOfAny("\\|¬¦`!\"£$%^&*()_+-=[]{};:'@#~<>,./? ".ToCharArray()) >= 0)
{
cardinality += 36;
}
return Math.Log(cardinality, 2) * password.Length;
}
小智 5
如果我可以展示我定制的示例实现,例如 Teoman Soygul 的(以及我见过的与他类似的其他示例)……我的实现具有不同的评分方案,使用最低要求以及检查重复字符。
public enum PasswordScore
{
Blank = 0,
TooShort = 1,
RequirementsNotMet = 2,
VeryWeak = 3,
Weak = 4,
Fair = 5,
Medium = 6,
Strong = 7,
VeryStrong = 8
}
public static PasswordScore CheckStrength(string password)
{
int score = 0;
// using three requirements here: min length and two types of characters (numbers and letters)
bool blnMinLengthRequirementMet = false;
bool blnRequirement1Met = false;
bool blnRequirement2Met = false;
// check for chars in password
if (password.Length < 1)
return PasswordScore.Blank;
// if less than 6 chars, return as too short, else, plus one
if (password.Length < 6)
{
return PasswordScore.TooShort;
}
else
{
score++;
blnMinLengthRequirementMet = true;
}
// if 8 or more chars, plus one
if (password.Length >= 8)
score++;
// if 10 or more chars, plus one
if (password.Length >= 10)
score++;
// if password has a number, plus one
if (Regex.IsMatch(password, @"[\d]", RegexOptions.ECMAScript))
{
score++;
blnRequirement1Met = true;
}
// if password has lower case letter, plus one
if (Regex.IsMatch(password, @"[a-z]", RegexOptions.ECMAScript))
{
score++;
blnRequirement2Met = true;
}
// if password has upper case letter, plus one
if (Regex.IsMatch(password, @"[A-Z]", RegexOptions.ECMAScript))
{
score++;
blnRequirement2Met = true;
}
// if password has a special character, plus one
if (Regex.IsMatch(password, @"[~`!@#$%\^\&\*\(\)\-_\+=\[\{\]\}\|\\;:'\""<\,>\.\?\/£]", RegexOptions.ECMAScript))
score++;
// if password is longer than 2 characters and has 3 repeating characters, minus one (to minimum of score of 3)
List<char> lstPass = password.ToList();
if (lstPass.Count >= 3)
{
for (int i = 2; i < lstPass.Count; i++)
{
char charCurrent = lstPass[i];
if (charCurrent == lstPass[i - 1] && charCurrent == lstPass[i - 2] && score >= 4)
{
score++;
}
}
}
if (!blnMinLengthRequirementMet || !blnRequirement1Met || !blnRequirement2Met)
{
return PasswordScore.RequirementsNotMet;
}
return (PasswordScore)score;
}
这是我写的一个简单的:
/// <summary>
/// Evaluates a password
/// </summary>
public class PasswordEvaluator
{
public string Password { get; private set; }
public int Length { get; private set; }
public int TotalNumberChars { get; private set; }
public bool ContainsNumberChars{get { return TotalNumberChars > 0; }}
public int TotalUppercaseChars { get; private set; }
public bool ContainsUppercaseChars { get { return TotalUppercaseChars > 0; } }
public int TotalLowercaseChars { get; private set; }
public bool ContainsLowercaseChars { get { return TotalLowercaseChars > 0; } }
public int TotalSpecialChars { get; private set; }
public bool ContainsSpecialChars { get { return TotalSpecialChars > 0; } }
public PasswordEvaluator(string password)
{
Password = password.Trim();
Length = Password.Length;
foreach (var c in Password)
{
var charCode = (int)c;
if (charCode >= 48 && charCode <= 57) TotalNumberChars++;
else if (charCode >= 65 && charCode <= 90) TotalUppercaseChars++;
else if (charCode >= 97 && charCode <= 122) TotalLowercaseChars++;
else TotalSpecialChars++;
}
}
public bool StrongEnough()
{
// Minimum length requirement
if (Length < Settings.PasswordMinLength) return false;
// Mixed case requirement
if (!ContainsLowercaseChars && !ContainsUppercaseChars) return false;
// Special chars requirement
if (TotalSpecialChars < 3) return false;
// Min lower case chars requirement
if (TotalLowercaseChars < 3) return false;
// Min upper case chars requirement
if (TotalUppercaseChars < 3) return false;
return true;
}
}
您可以在以下位置定义自己的规则 StrongEnough()