Improve the user experience and security of your web application within just a few seconds by installing the pwdcalc gem. It extends your password fields with a strength bar and hint, enforcing a minimum complexity for security reasons.
Take no risk and help your users to choose good passwords!
Add pwdcalc to your Gemfile and bundle it up:
gem 'pwdcalc', :git => 'https://github.com/trimentor/pwdcalc.git'
Run the following command to install it:
bundle install
Run the installation generator:
rails g pwdcalc:install
Add the following directives to your JavaScript manifest file:
//= require jquery.YAPSM.min //= require jquery.pwdcalc
Add the following directives to your CSS manifest file:
*= require pwdcalc
Use Pwdcalc::FormBuilder to automatically create password field/-strength meter combinations:
<%= form_for @user, builder: Pwdcalc::FormBuilder do |f| %>
<div class="field">
<%= f.label :username %><br>
<%= text_field :username %>
</div>
<div class="field pwdcalc-form-group">
<%= f.label :password %><br>
<%= f.password_field :password %>
</div>
<div class="actions">
<%= f.submit %>
</div>
<% end %>
NOTE: It’s required to wrap the control in pwdcalc-form-group.
Add the following line somewhere inside your view (e.g. at the bottom of your form):
<%= pwdcalc_translated_hints %>
Many people have a tendency to choose passwords which are short, single words found in dictionaries or simple, easily-predicted variations on words, vulnerable for dictionary attacks.
It’s easy to provide a list of obvious passwords. Just add the data-dictionary attribute to the input field:
<%= f.password_field, :data => { :dictionary => 'obviousPasswords()' } %>
Keep in mind that the value should evaluate to an array.
The pwdcalc-submit event is sent to the document when the user is attempting to submit the form.
$(document).on('pwdcalc-submit', handler(eventObject, origEventObject, field))
The pwdcalc-keyup-init event is sent to the document when the user releases a key on the keyboard and before a score and hint is shown or hidden.
$(document).on('pwdcalc-keyup-init', handler(eventObject, origEventObject, field))
The pwdcalc-keyup-complete event is sent to the document when the user releases a key on the keyboard and after a score and hint is shown or hidden.
$(document).on('pwdcalc-keyup-complete', handler(eventObject, origEventObject, field))
The project page of this jQuery plugin can be found here on GitHub!
Have a bug? Please create an issue here on GitHub!
github.com/trimentor/pwdcalc/issues
-
Fork the project.
-
Make your feature addition or bug fix.
-
Add tests for it. This is important so I don’t break it in a future version unintentionally.
-
Commit, do not mess with rakefile, version, or history.
-
Send me a pull request. Bonus points for topic branches.
Copyright © 2012 Kjel Delaey, released under the MIT license.