PasswordPolicy is both an executable binary that can be run, and a library that can be used in Rust programs.

Installing the `password-tool` executable

Assuming you have Rust/Cargo installed, run this command in a terminal:

cargo install password_policy

It will make the password-tool command available in your PATH if you've allowed the PATH to be modified when installing Rust. cargo uninstall password_policy uninstalls.

Adding `password_policy` library as a dependency

Run this command in a terminal, in your project's directory:

cargo add password_policy

To add it manually, edit your project's Cargo.toml file and add to the [dependencies] section:

password_policy = "0.1.0"

The password_policy library will be automatically available globally. Read the password_policy library documentation.

Back to the crate overview.

Readme

Password Policy Library

A comprehensive Rust library for password generation and strength analysis with configurable security policies.

🌟 Features

🔐 Multiple Policy Types: Corporate and High-Security policies
🎲 Secure Generation: Cryptographically secure password generation
📊 Strength Analysis: Detailed password strength analysis with entropy calculations
🔧 Configurable: Fully customizable policy requirements
📦 Batch Operations: Generate and analyze multiple passwords efficiently
🚀 CLI Tool: Optional command-line interface

Installation

Add this to your Cargo.toml:

[dependencies]
password_policy = "0.1.0"

CLI Usage

Generate Passwords

# Generate 1 corporate policy password
cargo run -- generate

# Generate 5 high-security passwords
cargo run -- generate -c 5 -p high-security

# Generate 3 passwords with analysis
cargo run -- generate -c 3 -a

Analyze Password Strength

# Analyze a password with corporate policy
cargo run -- analyze "MyP@ssw0rd123"

# Analyze with high-security policy
cargo run -- analyze "X7\$kL9@nQ2&mP5!wR8#tU3*vY6+" -p high-security

View Policy Requirements

# Show corporate policy requirements
cargo run -- requirements

# Show high-security policy requirements
cargo run -- requirements -p high-security

Library Usage

use password_policy::{CorporatePolicy, HighSecurityPolicy, PasswordPolicy, PasswordManager};

// Using individual policies
let corporate_policy = CorporatePolicy::default();
let password = corporate_policy.generate();
let analysis = corporate_policy.analyze_strength(&password);

// Using the password manager
let manager = PasswordManager::new();
let passwords = manager.generate_batch(5, Some("corporate"));
let analyses = manager.analyze_batch(&passwords, Some("corporate"));

📋 Policy Types

Corporate Policy

Best for: Business environments, general secure applications

Default Requirements:

Length: 12-128 characters
Must contain uppercase letters
Must contain lowercase letters
Must contain numbers
Must contain symbols
At least 8 unique characters
No common passwords or keyboard patterns

High-Security Policy

Best for: Sensitive systems, high-value accounts

Default Requirements:

Minimum length: 16 characters
Must contain all character types (upper, lower, numbers, symbols)
Minimum entropy: 60.0 bits
Advanced security scoring

🎯 CLI Commands Reference

generate - Generate Passwords

cargo run -- generate [OPTIONS]

Options:
  -c, --count <COUNT>      Number of passwords to generate [default: 1]
  -p, --policy <POLICY>    Policy to use (corporate, high-security) [default: corporate]
  -a, --analyze           Show analysis for generated passwords
  -h, --help              Print help

Examples:

# Basic generation
cargo run -- generate

# Generate multiple passwords
cargo run -- generate -c 5

# Generate with different policy
cargo run -- generate -p high-security

# Generate with immediate analysis
cargo run -- generate -c 3 -a -p corporate

analyze - Analyze Password Strength

cargo run -- analyze <PASSWORD> [OPTIONS]

Arguments:
  <PASSWORD>  Password to analyze (use quotes for spaces/symbols)

Options:
  -p, --policy <POLICY>  Policy to use for analysis [default: corporate]
  -h, --help            Print help

Examples:

# Basic analysis
cargo run -- analyze "password123"

# Analysis with different policy
cargo run -- analyze "MySecureP@ssw0rd2024!" -p high-security

# Complex password with special characters
cargo run -- analyze "Tr0ub4dor&3#MyL0ng\$ecureP@ss" -p corporate

requirements - Show Policy Requirements

cargo run -- requirements [OPTIONS]

Options:
  -p, --policy <POLICY>  Policy name to show requirements for [default: corporate]
  -h, --help            Print help

Examples:

# Show corporate requirements
cargo run -- requirements

# Show high-security requirements
cargo run -- requirements -p high-security

🔍 Password Analysis Details

The tool provides comprehensive analysis including:

Strength Level: Very Weak, Weak, Fair, Good, Strong, Very Strong
Numerical Score: 0-100+ point scoring system
Entropy: Calculated in bits based on character set and length
Crack Time Estimate: From "Instantly" to "Centuries"
Character Composition: Breakdown of character types used
Detailed Feedback: Specific suggestions for improvement

Strength Scoring Factors

Length: Longer passwords score higher
Character Variety: Using all character types (upper, lower, numbers, symbols)
Uniqueness: Fewer repeated characters score better
Pattern Avoidance: Penalties for common passwords and keyboard patterns
Policy Compliance: Meeting specific policy requirements

🎨 Demo Output Examples

Password Generation Demo

🔐 Generating 3 password(s) with corporate policy:
1. K9#mL2@pQ5&wR8!tU
2. N7$vB4@xC6*zA3#eY
3. P2&qM8@jL5#kN9!sW

🔒 High-Security Policy Passwords:
1. X7$kL9@nQ2&mP5!wR8#tU3*vY6+
2. B4#zC9@mK6&qP2!xL5*sW8+nR7$
3. F3&jM8@vN5#kQ9!tL2*pW6+rY4$

Password Analysis Demo

📊 Analyzing password strength with corporate policy:
Password: MyP@ssw0rd!2024

   Strength: Good (Score: 72)
   Entropy: 67.8 bits
   Time to crack: 2.3 million years
   Character composition:
     • Length: 14
     • Lowercase: ✓
     • Uppercase: ✓
     • Numbers: ✓
     • Symbols: ✓
     • Unique chars: 13
   Feedback:
     • Consider avoiding common password patterns
     • Excellent use of character variety

Policy Requirements Demo

📋 CORPORATE Policy Requirements:
- Length: 12-128 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one symbol
- At least 8 unique characters
- No common passwords or words
- No keyboard patterns

Example Integration

use password_policy::{CorporatePolicy, PasswordPolicy, PasswordManager};

fn main() {
    // Direct policy usage
    let policy = CorporatePolicy::default();

    // Generate compliant password
    let password = policy.generate();
    println!("Generated: {}", password);

    // Verify compliance
    if policy.meets_requirements(&password) {
        println!("✓ Password meets policy requirements");
    }

    // Analyze strength
    let analysis = policy.analyze_strength(&password);
    println!("Strength: {} (Score: {})", analysis.strength, analysis.score);
    println!("Entropy: {:.1} bits", analysis.entropy);

    // Batch operations with manager
    let manager = PasswordManager::new();
    let passwords = manager.generate_batch(10, Some("corporate"));
    let analyses = manager.analyze_batch(&passwords, Some("corporate"));

    for (pwd, analysis) in passwords.iter().zip(analyses.iter()) {
        println!("{}: {} ({})", pwd, analysis.strength, analysis.score);
    }
}

🎮 Interactive Demo Session

# 1. Run the demo interface
$ cargo run
Password Generator & Strength Analyzer
=====================================
💡 Tip: Use 'password-tool --help' for CLI usage

🏢 Corporate Policy Passwords:
1. M8#kL5@pQ2&wR9!tU
2. N4$vB7@xC3*zA6#eY
3. P9&qM1@jL8#kN5!sW

🔒 High-Security Policy Passwords:
1. X7$kL9@nQ2&mP5!wR8#tU3*vY6+dH4
2. B4#zC9@mK6&qP2!xL5*sW8+nR7$jM1
3. F3&jM8@vN5#kQ9!tL2*pW6+rY4$bC7

📊 Password Strength Analysis:

🔑 Password: password123
   Strength: Very Weak (Score: 15)
   Entropy: 39.8 bits
   Time to crack: 3 hours
   Feedback:
     • Password is too short
     • Add symbols for better security
     • Avoid common passwords and words

🔑 Password: MyP@ssw0rd!2024
   Strength: Good (Score: 78)
   Entropy: 79.2 bits
   Time to crack: 89 thousand years
   Feedback:
     • Consider avoiding common password patterns
     • Good use of character variety

🔑 Password: X7$kL9@nQ2&mP5!wR8#tU3*vY6+
   Strength: Very Strong (Score: 98)
   Entropy: 158.7 bits
   Time to crack: Centuries
   Feedback:
     • Excellent password!

📋 Corporate Policy Requirements:
- Length: 12-128 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one symbol
- At least 8 unique characters
- No common passwords or words
- No keyboard patterns

📋 High-Security Policy Requirements:
- Minimum length: 16 characters
- Must contain uppercase, lowercase, numbers, and symbols
- Minimum entropy: 60.0 bits

# 2. CLI usage examples
$ cargo run -- generate -c 3 -a
🔐 Generating 3 password(s) with corporate policy:
1. H2&mK8@qL5#pN9!wT
   Strength: Strong (Score: 89)

2. F7$jM4@vB6*xC3#eZ
   Strength: Strong (Score: 85)

3. R9&kL1@nQ8#mP4!sY
   Strength: Strong (Score: 87)

$ cargo run -- analyze "weakpassword"
📊 Analyzing password strength with corporate policy:
Password: weakpassword
   Strength: Very Weak (Score: 8)
   Entropy: 43.9 bits
   Time to crack: 4 days
   Character composition:
     • Length: 12
     • Lowercase: ✓
     • Uppercase: ✗
     • Numbers: ✗
     • Symbols: ✗
     • Unique chars: 9
   Feedback:
     • Add uppercase letters
     • Add numbers
     • Add symbols for better security

$ cargo run -- requirements -p high-security
📋 HIGH-SECURITY Policy Requirements:
- Minimum length: 16 characters
- Must contain uppercase, lowercase, numbers, and symbols
- Minimum entropy: 60.0 bits

⚡ Performance Notes

Password generation typically completes in microseconds
Batch operations are optimized for large-scale use
Analysis includes comprehensive entropy calculations
Memory usage scales linearly with batch size

🔒 Security Considerations

Uses cryptographically secure random number generation
Implements industry-standard entropy calculations
Avoids predictable patterns in generated passwords
Checks against common password databases
Provides realistic crack time estimates based on modern hardware

🎯 Use Cases

Enterprise Security: Generate compliant passwords for company policies
Security Audits: Analyze existing password strength across systems
Development: Integrate secure password requirements into applications
Education: Demonstrate password security concepts and best practices
Personal Use: Generate strong passwords for high-value accounts

This tool provides a complete solution for modern password security needs, combining ease of use with enterprise-grade security features.

Installing the password-tool executable

Adding password_policy library as a dependency

Installing the `password-tool` executable

Adding `password_policy` library as a dependency