Skip to content

sameenchand/pw-strength-analyzer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
static
static
 
 
templates
templates
 
 
Procfile
Procfile
 
 
README.md
README.md
 
 
app.py
app.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Password Strength Analyzer

A web application that analyzes password strength and checks if passwords have been compromised in data breaches using the Have I Been Pwned API.

Features

  • Password Strength Analysis: Evaluates passwords based on length, character variety, and complexity
  • Breach Detection: Checks if passwords have been found in known data breaches using the Have I Been Pwned API
  • Real-time Feedback: Provides instant visual feedback on password strength and security status
  • Clean UI: Simple, responsive web interface for easy password analysis

How It Works

The application uses a multi-layered approach to password analysis:

  1. Strength Evaluation: Analyzes password characteristics including:

    • Length (minimum 8 characters recommended)
    • Presence of uppercase letters
    • Presence of lowercase letters
    • Presence of numbers
    • Presence of special characters

  2. Breach Checking: Uses the Have I Been Pwned API to check if the password has been compromised in known data breaches

  3. Visual Feedback: Provides color-coded strength indicators and breach warnings

Installation

Prerequisites

  • Python 3.7 or higher
  • pip (Python package installer)

Setup

  1. Clone the repository:
git clone <repository-url>
cd pw_strength_analyzer
  1. Install required dependencies:
pip install -r requirements.txt
  1. Run the application:
python app.py
  1. Open your web browser and navigate to http://localhost:5000

Usage

  1. Enter a password in the input field
  2. Click the "Analyze" button
  3. View the results:
    • Strength Meter: Shows password strength (Weak/Moderate/Strong) with color coding
    • Breach Warning: Indicates if the password has been found in data breaches

Password Strength Criteria

  • Strong (Green): 12+ characters with uppercase, lowercase, numbers, and special characters
  • Moderate (Orange): 8+ characters with basic character variety
  • Weak (Red): Less than 8 characters or missing character variety

API Endpoints

  • GET /: Main application page
  • POST /analyze: Analyzes password strength and checks for breaches
    • Request body: {"password": "your_password"}
    • Response: {"breached": boolean, "breach_count": number, "strength": string, "strengthColor": string}

Security Features

  • Privacy-Focused: Passwords are processed securely using SHA-1 hashing for breach checking
  • No Storage: Passwords are not stored or logged
  • API Integration: Uses the secure Have I Been Pwned API for breach detection

Deployment

The application is configured for deployment on platforms like Heroku with the included Procfile:

web: python app.py

Dependencies

  • Flask 3.0.3 - Web framework
  • requests 2.32.3 - HTTP library for API calls
  • Standard Python libraries (hashlib, os, re)

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Submit a pull request

License

This project is open source and available under the MIT License.

Disclaimer

This tool is for educational and personal use. Always follow best practices for password security and consider using a password manager for generating and storing strong, unique passwords.

About

A Flask-based web app to evaluate password complexity and detect breaches using Have I Been Pwned API.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages