Zxcvbn Alternatives
Similar projects and alternatives to zxcvbn
-
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
-
Scout APM
Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
-
monkeytype
The most customizable typing website with a minimalistic design and a ton of features. Test yourself in various modes, track your progress and improve your speed.
-
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
-
-
material-ui
MUI (formerly Material-UI) is the React UI library you always wanted. Follow your own design system, or start with Material Design.
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
-
-
-
-
Bitwarden
The core infrastructure backend (API, database, Docker, etc). (by bitwarden)
-
-
-
-
-
libsodium.js
libsodium compiled to Webassembly and pure JavaScript, with convenient wrappers.
-
-
scrypt
The scrypt key derivation function was originally developed for use in the Tarsnap online backup system and is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
-
-
Reviews and mentions
-
why is making an account much more difficult than any other site?
There are some popular libraries that devs can use to measure the password strength. One of the more popular is the one that Dropbox has created. https://github.com/dropbox/zxcvbn
-
Is there a way to see the password entropy ?
I think you mean zxcvbn, which is what the Master Password strength indicator in Bitwarden uses.
-
Chrome text files in appdata/local
That initial list of files seems to include the files from https://github.com/dropbox/zxcvbn/tree/master/data which is a password checking library. This suggests either Chrome uses this or a plugin you have in Chrome uses this library.
-
Passphrase security evaluation algorithm
Just. Use. Zxcvbn, the library. SERIOUSLY. It. Makes. Sense.
-
What is this file I found in finder? I found it in the google chrome file folder
It comes from the zxcvbn Library, which Chrome uses to estimate the strength of your passwords.
-
Being told my 16 character password is weak (I use a random selection of numbers, letters(upper and lower), and special chars, that I've memorised)
On mobile rn so idk what security.org is using for their password security estimation algo, but running it through dropbox/zxcvbn is a good alternative if you don’t want to expose your password online or don’t trust those sites.
-
Minimalism
Yeah, they're wrong but that doesn't stop them from getting in the way. If I ever run into that with a password I have to type, I usually just add an exclamation mark to the end, but most sites can't trigger this issue to begin with if you use a password manager. If they want symbols, they get symbols, I don't care, there's a high chance I'm not even gonna see that password for its entire lifetime.
-
Hat.sh V2 release - simple, fast, secure client-side file encryption.
React.js/ Next.js / Material-UI / Browserify (bundle packaging) / Serve (static site serving) / React-Dropzone (file drag drop) / React-Idle-Timer / zxcvbn.js (Password strength estimation)
-
Plume/Homepass Now(?) Allows Network Management from Website
As I wish all sites and services would, Plume should discourage weak or compromised passwords (a password strength indicator can help with the first - I use zxcvbn, a service such as run by Have I Been Pwned can help with the second) and implement non-SMS/non-email based MFA (TOTP or similar). MFA would be an option for users, but should be recommended.
-
Please Log in with Router's Password
I think most of this comes down to bad education on how to choose a secure password and not an innate inability. And for the most part we software engineers are at fault for advocating and enforcing mostly useless policies for more than two decates.
I would love for more websites to implement something like the zxcvbn password strength meter [1], but unfortunately I keep seeing new services or recently refreshed ones using outdated and hurtful policies like requiring numbers and special characters.
-
The logic behind three random words
When implementing a password strength checker lately I relied mainly on https://github.com/dropbox/zxcvbn (which is great) but added in a check for correct horse battery staple (and variants). Probably not that important in the big scheme of things but I thought it might get a chuckle and/or some respect if anyone happened to activate that code path.
- Password Strength Estimation Library
-
Are passwords with words really safer than passwords with complex characters?
Please read some research on this subject before commenting in so opionated fashion. Some password strength estimators are grounded on good theory. Good example is https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/wheeler
zxcvbn is abandonware. Last commit was almost 4 years ago, in October 2017 updating the readme. It's certainly better than most of the competition, but it's also not designed for end users to test their password against. The library is built for organizations/services that provide authentication to give an idea to end users what the they think the strength of their password might be.
-
Passphrase Cracking Calculator
How does this compare with zxcvbn?
Stats
dropbox/zxcvbn is an open source project licensed under MIT License which is an OSI approved license.
Popular Comparisons
There are 32 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.