= pwdcalc
Improve the user experience and security of your web application within just a few seconds by installing the pwdcalc gem. It extends your password fields with a strength bar and hint, enforcing a minimum complexity for security reasons.
Take no risk and help your users to choose good passwords!
== Installation
Add pwdcalc to your Gemfile and bundle it up:
gem 'pwdcalc', :git => 'https://github.com/trimentor/pwdcalc.git'
Run the following command to install it:
bundle install
Run the installation generator:
rails g pwdcalc:install
== Usage
Add the following directives to your JavaScript manifest file:
//= require jquery.YAPSM.min //= require jquery.pwdcalc
Add the following directives to your CSS manifest file:
*= require pwdcalc
Use +Pwdcalc::FormBuilder+ to automatically create password field/-strength meter combinations:
<%= form_for @user, builder: Pwdcalc::FormBuilder do |f| %>
<%= text_field :username %>
<div class="field pwdcalc-form-group">
<%= f.label :password %><br>
<%= f.password_field :password %>
</div>
<div class="actions">
<%= f.submit %>
</div><% end %>
NOTE: It's required to wrap the control in +pwdcalc-form-group+.
=== Localized Hints
Add the following line somewhere inside your view (e.g. at the bottom of your form):
<%= pwdcalc_translated_hints %>
=== Dictionary Attacks
Many people have a tendency to choose passwords which are short, single words found in dictionaries or simple, easily-predicted variations on words, vulnerable for dictionary attacks.
It's easy to provide a list of obvious passwords. Just add the +data-dictionary+ attribute to the input field:
<%= f.password_field, :data => { :dictionary => 'obviousPasswords()' } %>
Keep in mind that the value should evaluate to an array.
=== Events
The +pwdcalc-submit+ event is sent to the document when the user is attempting to submit the form.
$(document).on('pwdcalc-submit', handler(eventObject, origEventObject, field))
The +pwdcalc-keyup-init+ event is sent to the document when the user releases a key on the keyboard and before a score and hint is shown or hidden.
$(document).on('pwdcalc-keyup-init', handler(eventObject, origEventObject, field))
The +pwdcalc-keyup-complete+ event is sent to the document when the user releases a key on the keyboard and after a score and hint is shown or hidden.
$(document).on('pwdcalc-keyup-complete', handler(eventObject, origEventObject, field))
== YAPSM (Yet Another Password Strength Meter)
The project page of this jQuery plugin can be found {here}[https://github.com/trimentor/YAPSM] on GitHub!
== Bug Tracker
Have a bug? Please create an issue {here}[https://github.com/trimentor/pwdcalc/issues] on GitHub!
https://github.com/trimentor/pwdcalc/issues
== Note on Patches/Pull Requests
- Fork the project.
- Make your feature addition or bug fix.
- Add tests for it. This is important so I don't break it in a future version unintentionally.
- Commit, do not mess with rakefile, version, or history.
- Send me a pull request. Bonus points for topic branches.
== Copyright
Copyright (c) 2012 Kjel Delaey, released under the MIT license.