Variables to check password strength

0 favourites
  • 8 posts
From the Asset Store
Easily store, modify, read and manipulate colors with Color Variables!
  • Greetings All,

    I'm trying to create a game where you enter a password and a meter fills based on how secure it is. The better, more secure, the password is, the more the meter fills. The parameters used to evaluate how good (or bad/weak) the password is would be the following (listed in increasing/better password strength).

    1. Less than 8 characters = weak.

    2. 8 or more characters = weak but better than 1.

    3. 8 or more characters with the inclusion of ONE of the following: uppercase letter, number, or symbol = better than first 2.

    4. 8 or more characters with the inclusion of TWO of the following: uppercase letter, number, or symbol = better than first 3.

    5. 8 or more characters with the inclusion of ALL THREE of the following: uppercase letter, number, and symbol = best password than all previous options - therefor fills the meter up most.

    For example: "password" is a much weaker password than "p@$sW0rD".

    I'm wondering how to store the above parameters in an array or with variables to check whatever the player enters against.

    Any suggestions would be greatly appreciated - thanks!

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • Is there a way to create 1 array with all lowercase, another array with all lower and uppercase, etc., then compare what the player enters as their password against the correct array?

  • Its a simply score system.

    Scores for password length.

    Scores for if the password has lowercase and uppercase.

    Scores if digits are used.

    etc.

    Example:

    Max. score: 100

    5 conditions a 20 scores.

    ...

  • Thanks for the reply DAG.

    So how would I set it up so that the game recognizes ANY combination of lowercase letters vs. ANY combination of lowercase and uppercase vs. ANY combination of lowercase, uppercase AND number, vs ANY combo of lowercase, uppercase, number AND symbol?

    I think I could work it out if I could restrict the possible entries the player would input but I want them to be able to test any password they can think up and based on the parameters outlined above, receive a higher score (fuller meter) based on complexity.

    Thanks again!

  • Regular expressions!

    Have a look at the system expression:

    RegexMatchCount(String, Regex, Flags) - Return number of regex matches in a string.[/code:pp7zkf1a]
    String is your password. Regex is a regular expression pattern that matches whatever characters you want to look for. And Flags will be "g" for global so it checks for ALL matches and not just the first.  If you're unfamiliar with regular expressions then now is the time to go learn the basics ->.
    
    Some examples:
    \d - matches a digit
    [a-z] - matches any lowercase letter
    [A-Z] - matches any uppercase letter
    [^a-z] - matches anything that is NOT a lowercase letter
    [^a-zA-Z\d] - matches anything that is NOT a lowercase letter, uppercase letter or digit (ie. symbols + spaces)
    
    so RegexMatchCount(password, "\d", "g") will return the number of digits in password.
  • Many thanks, ramones. I think what you've provided is a great head start. I've searched but can't really find any great wealth of info or tutorials on Construct 2's use of regular expressions.

    I think the one area I need to keep digging at and resolve is how to pass the count passed to the text box in the .capx you provide to the fill meter to determine if it's a weak or strong password - i.e. meter 10% full = weak, vs meter 100% full = strong.

    For example:

    If the password is "password" that would equal 8 lowercase letters and the meter doesn't budge, or hardly budges.

    password is "PaSSwOrd" then that combines upper and lowercase letters so the meter is 35% full.

    password is "PaSSw0r6" then that combines upper, lowercase and numbers so the meter is 70% full.

    password is "P@SSw0r6" then that combines all: lowercase, uppercase, numbers and symbols (and is 8 or more characters) therefor the meter is 100% full.

    Again, many thanks for your help. Would welcome further suggestions. I'll keep digging.

  • I think it's just a matter of adding points for each criterion the password meets. Then you can set the meter width to the ratio of total points / max points. You get 20 points out of a possible 100 - set the meter width to MAX_WIDTH * 20/100.

    This site is good actually. It shows the formulas they use for scoring the password.

    Basic example: [attachment=0:1gjfev49][/attachment:1gjfev49]

  • Thanks ramones. I'm pretty sure I love you.

Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)