1 unstable release
| 0.1.0 | Jul 31, 2025 |
|---|
#2214 in Cryptography
50KB
898 lines
Password Policy Library
A comprehensive Rust library for password generation and strength analysis with configurable security policies.
🌟 Features
- 🔐 Multiple Policy Types: Corporate and High-Security policies
- 🎲 Secure Generation: Cryptographically secure password generation
- 📊 Strength Analysis: Detailed password strength analysis with entropy calculations
- 🔧 Configurable: Fully customizable policy requirements
- 📦 Batch Operations: Generate and analyze multiple passwords efficiently
- 🚀 CLI Tool: Optional command-line interface
Installation
Add this to your Cargo.toml:
[dependencies]
password_policy = "0.1.0"
CLI Usage
Generate Passwords
# Generate 1 corporate policy password
cargo run -- generate
# Generate 5 high-security passwords
cargo run -- generate -c 5 -p high-security
# Generate 3 passwords with analysis
cargo run -- generate -c 3 -a
Analyze Password Strength
# Analyze a password with corporate policy
cargo run -- analyze "MyP@ssw0rd123"
# Analyze with high-security policy
cargo run -- analyze "X7\$kL9@nQ2&mP5!wR8#tU3*vY6+" -p high-security
View Policy Requirements
# Show corporate policy requirements
cargo run -- requirements
# Show high-security policy requirements
cargo run -- requirements -p high-security
Library Usage
use password_policy::{CorporatePolicy, HighSecurityPolicy, PasswordPolicy, PasswordManager};
// Using individual policies
let corporate_policy = CorporatePolicy::default();
let password = corporate_policy.generate();
let analysis = corporate_policy.analyze_strength(&password);
// Using the password manager
let manager = PasswordManager::new();
let passwords = manager.generate_batch(5, Some("corporate"));
let analyses = manager.analyze_batch(&passwords, Some("corporate"));
📋 Policy Types
Corporate Policy
Best for: Business environments, general secure applications
Default Requirements:
- Length: 12-128 characters
- Must contain uppercase letters
- Must contain lowercase letters
- Must contain numbers
- Must contain symbols
- At least 8 unique characters
- No common passwords or keyboard patterns
High-Security Policy
Best for: Sensitive systems, high-value accounts
Default Requirements:
- Minimum length: 16 characters
- Must contain all character types (upper, lower, numbers, symbols)
- Minimum entropy: 60.0 bits
- Advanced security scoring
🎯 CLI Commands Reference
generate - Generate Passwords
cargo run -- generate [OPTIONS]
Options:
-c, --count <COUNT> Number of passwords to generate [default: 1]
-p, --policy <POLICY> Policy to use (corporate, high-security) [default: corporate]
-a, --analyze Show analysis for generated passwords
-h, --help Print help
Examples:
# Basic generation
cargo run -- generate
# Generate multiple passwords
cargo run -- generate -c 5
# Generate with different policy
cargo run -- generate -p high-security
# Generate with immediate analysis
cargo run -- generate -c 3 -a -p corporate
analyze - Analyze Password Strength
cargo run -- analyze <PASSWORD> [OPTIONS]
Arguments:
<PASSWORD> Password to analyze (use quotes for spaces/symbols)
Options:
-p, --policy <POLICY> Policy to use for analysis [default: corporate]
-h, --help Print help
Examples:
# Basic analysis
cargo run -- analyze "password123"
# Analysis with different policy
cargo run -- analyze "MySecureP@ssw0rd2024!" -p high-security
# Complex password with special characters
cargo run -- analyze "Tr0ub4dor&3#MyL0ng\$ecureP@ss" -p corporate
requirements - Show Policy Requirements
cargo run -- requirements [OPTIONS]
Options:
-p, --policy <POLICY> Policy name to show requirements for [default: corporate]
-h, --help Print help
Examples:
# Show corporate requirements
cargo run -- requirements
# Show high-security requirements
cargo run -- requirements -p high-security
🔍 Password Analysis Details
The tool provides comprehensive analysis including:
- Strength Level: Very Weak, Weak, Fair, Good, Strong, Very Strong
- Numerical Score: 0-100+ point scoring system
- Entropy: Calculated in bits based on character set and length
- Crack Time Estimate: From "Instantly" to "Centuries"
- Character Composition: Breakdown of character types used
- Detailed Feedback: Specific suggestions for improvement
Strength Scoring Factors
- Length: Longer passwords score higher
- Character Variety: Using all character types (upper, lower, numbers, symbols)
- Uniqueness: Fewer repeated characters score better
- Pattern Avoidance: Penalties for common passwords and keyboard patterns
- Policy Compliance: Meeting specific policy requirements
🎨 Demo Output Examples
Password Generation Demo
🔐 Generating 3 password(s) with corporate policy:
1. K9#mL2@pQ5&wR8!tU
2. N7$vB4@xC6*zA3#eY
3. P2&qM8@jL5#kN9!sW
🔒 High-Security Policy Passwords:
1. X7$kL9@nQ2&mP5!wR8#tU3*vY6+
2. B4#zC9@mK6&qP2!xL5*sW8+nR7$
3. F3&jM8@vN5#kQ9!tL2*pW6+rY4$
Password Analysis Demo
📊 Analyzing password strength with corporate policy:
Password: MyP@ssw0rd!2024
Strength: Good (Score: 72)
Entropy: 67.8 bits
Time to crack: 2.3 million years
Character composition:
• Length: 14
• Lowercase: ✓
• Uppercase: ✓
• Numbers: ✓
• Symbols: ✓
• Unique chars: 13
Feedback:
• Consider avoiding common password patterns
• Excellent use of character variety
Policy Requirements Demo
📋 CORPORATE Policy Requirements:
- Length: 12-128 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one symbol
- At least 8 unique characters
- No common passwords or words
- No keyboard patterns
Example Integration
use password_policy::{CorporatePolicy, PasswordPolicy, PasswordManager};
fn main() {
// Direct policy usage
let policy = CorporatePolicy::default();
// Generate compliant password
let password = policy.generate();
println!("Generated: {}", password);
// Verify compliance
if policy.meets_requirements(&password) {
println!("✓ Password meets policy requirements");
}
// Analyze strength
let analysis = policy.analyze_strength(&password);
println!("Strength: {} (Score: {})", analysis.strength, analysis.score);
println!("Entropy: {:.1} bits", analysis.entropy);
// Batch operations with manager
let manager = PasswordManager::new();
let passwords = manager.generate_batch(10, Some("corporate"));
let analyses = manager.analyze_batch(&passwords, Some("corporate"));
for (pwd, analysis) in passwords.iter().zip(analyses.iter()) {
println!("{}: {} ({})", pwd, analysis.strength, analysis.score);
}
}
🎮 Interactive Demo Session
# 1. Run the demo interface
$ cargo run
Password Generator & Strength Analyzer
=====================================
💡 Tip: Use 'password-tool --help' for CLI usage
🏢 Corporate Policy Passwords:
1. M8#kL5@pQ2&wR9!tU
2. N4$vB7@xC3*zA6#eY
3. P9&qM1@jL8#kN5!sW
🔒 High-Security Policy Passwords:
1. X7$kL9@nQ2&mP5!wR8#tU3*vY6+dH4
2. B4#zC9@mK6&qP2!xL5*sW8+nR7$jM1
3. F3&jM8@vN5#kQ9!tL2*pW6+rY4$bC7
📊 Password Strength Analysis:
🔑 Password: password123
Strength: Very Weak (Score: 15)
Entropy: 39.8 bits
Time to crack: 3 hours
Feedback:
• Password is too short
• Add symbols for better security
• Avoid common passwords and words
🔑 Password: MyP@ssw0rd!2024
Strength: Good (Score: 78)
Entropy: 79.2 bits
Time to crack: 89 thousand years
Feedback:
• Consider avoiding common password patterns
• Good use of character variety
🔑 Password: X7$kL9@nQ2&mP5!wR8#tU3*vY6+
Strength: Very Strong (Score: 98)
Entropy: 158.7 bits
Time to crack: Centuries
Feedback:
• Excellent password!
📋 Corporate Policy Requirements:
- Length: 12-128 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one symbol
- At least 8 unique characters
- No common passwords or words
- No keyboard patterns
📋 High-Security Policy Requirements:
- Minimum length: 16 characters
- Must contain uppercase, lowercase, numbers, and symbols
- Minimum entropy: 60.0 bits
# 2. CLI usage examples
$ cargo run -- generate -c 3 -a
🔐 Generating 3 password(s) with corporate policy:
1. H2&mK8@qL5#pN9!wT
Strength: Strong (Score: 89)
2. F7$jM4@vB6*xC3#eZ
Strength: Strong (Score: 85)
3. R9&kL1@nQ8#mP4!sY
Strength: Strong (Score: 87)
$ cargo run -- analyze "weakpassword"
📊 Analyzing password strength with corporate policy:
Password: weakpassword
Strength: Very Weak (Score: 8)
Entropy: 43.9 bits
Time to crack: 4 days
Character composition:
• Length: 12
• Lowercase: ✓
• Uppercase: ✗
• Numbers: ✗
• Symbols: ✗
• Unique chars: 9
Feedback:
• Add uppercase letters
• Add numbers
• Add symbols for better security
$ cargo run -- requirements -p high-security
📋 HIGH-SECURITY Policy Requirements:
- Minimum length: 16 characters
- Must contain uppercase, lowercase, numbers, and symbols
- Minimum entropy: 60.0 bits
⚡ Performance Notes
- Password generation typically completes in microseconds
- Batch operations are optimized for large-scale use
- Analysis includes comprehensive entropy calculations
- Memory usage scales linearly with batch size
🔒 Security Considerations
- Uses cryptographically secure random number generation
- Implements industry-standard entropy calculations
- Avoids predictable patterns in generated passwords
- Checks against common password databases
- Provides realistic crack time estimates based on modern hardware
🎯 Use Cases
- Enterprise Security: Generate compliant passwords for company policies
- Security Audits: Analyze existing password strength across systems
- Development: Integrate secure password requirements into applications
- Education: Demonstrate password security concepts and best practices
- Personal Use: Generate strong passwords for high-value accounts
This tool provides a complete solution for modern password security needs, combining ease of use with enterprise-grade security features.
Dependencies
~0.3–11MB
~58K SLoC