iOS Password Strength Checker

Looking for suggestions on a password strength checker for Objective-C. I did some googling and didn't find any hits, nor any here on SO. I could write one up but thought I'd check here first - has anyone implemented one?

capikaw asked Jan 27 '13 02:01




1 Answer

I am only aware of two half-decent password strength estimators: zxcvbn (in CoffeeScript, compiles to JavaScript) and Passfault (in Java, appears to be intended as a webapp).

(Actually, that's a slight lie; there was one in a PhD thesis I read a while back, but I'm not sure where I put the link.)

Every other password "strength" checker I've looked at in any detail has been flawed, often deeply flawed (e.g. GRC's "haystacks" assumes a very dumb bruteforce; even open-source password crackers are much more sophisticated) — the other day, the password strength meter of a large UK loyalty card scheme told me that "1Aa" was a "GOOD" password ("GOOD" is the highest rating).

(The other problem is that the password strength required depends on how it's being used: a 48-bit password like "W1mCj6B1" is fine for a Google account but incredibly weak as a Windows/Mac login password or a WPA passphrase.)

I don't think you're likely to find a decent one in Objective-C, given their rarity. If you do end up writing one, I have a few suggestions:

  • Write it in C (or maybe C++). This won't cost you much and will be far more portable; Objective-C pretty much ties you to OS X and iOS in the same way that .NET ties you to Windows (i.e. in theory you can port the runtime to other platforms; in practice it will be much less used outside of those platforms). To increase usage, you could add an Objective-C API.
  • Decide what to do about non-ASCII characters (and non-English languages in general). There are essentially two options:
    • Disallow them (people are used to it, right?)
    • Map to ASCII for strength estimation, e.g. by stripping accents (see NSWidthInsensitiveSearch and NSDiacriticInsensitiveSearch) and jumping through some hoops to map ı/İ/ß to i/I/ss. There's also kCFStringTransformToLatin which promises to transliterate most scripts to the Latin alphabet. This bit doesn't need to be in C because it'll heavily depend on Unicode libraries, although you may be able to use ICU.

Finally, password strength estimation is a hard problem. Guess the strength of 2jmj7l5rSw0yVb_vlWAYkK_YBwk. Now ask Google.

tc. answered Nov 15 '22 16:11
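An added example (not part of the answer above, and not code from zxcvbn or Passfault) of the two failure modes the answer describes: a class-counting meter that rates "1Aa" as "GOOD", beside the dumb brute-force keyspace estimate, which gives 48 bits for "W1mCj6B1" and well over 128 bits for the answer's final string, even though that string is the base64url-encoded SHA-1 of the empty string. The function names, the 33-symbol pool and the two per-use thresholds are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>

/* Classes present in pw as a bitmask: 1=lower 2=upper 4=digit 8=other.
   Bytes >= 0x80 (e.g. UTF-8) fall into "other" in the C locale. */
static unsigned classes(const char *pw) {
    unsigned m = 0;
    for (; *pw; pw++) {
        unsigned char c = (unsigned char)*pw;
        m |= islower(c) ? 1u : isupper(c) ? 2u : isdigit(c) ? 4u : 8u;
    }
    return m;
}

/* Hypothetical naive meter of the kind criticised above: it counts
   character classes and never looks at length. */
const char *naive_rating(const char *pw) {
    unsigned m = classes(pw);
    int n = !!(m & 1) + !!(m & 2) + !!(m & 4) + !!(m & 8);
    return n >= 3 ? "GOOD" : n == 2 ? "OK" : "WEAK";
}

/* Brute-force keyspace in bits, ceil(log2(pool^len)). Assumes each character
   was drawn uniformly at random from the classes used, so this is an upper
   bound and says nothing about dictionary words or published strings. */
int bruteforce_bits(const char *pw) {
    unsigned m = classes(pw);
    double pool = 26.0 * !!(m & 1) + 26.0 * !!(m & 2)
                + 10.0 * !!(m & 4) + 33.0 * !!(m & 8);
    double k = 1.0;   /* kept in [1, 2) so long inputs cannot overflow */
    int bits = 0;
    for (; *pw; pw++) {
        k *= pool;
        while (k >= 2.0) { k /= 2.0; bits++; }
    }
    return bits + (k > 1.0);
}

/* Minimum bits per use; both thresholds are illustrative assumptions. */
enum use { ONLINE_THROTTLED = 40, OFFLINE_CRACKABLE = 72 };

int adequate(const char *pw, enum use u) { return bruteforce_bits(pw) >= (int)u; }

int main(void) {
    const char *pw[] = {"1Aa", "W1mCj6B1", "2jmj7l5rSw0yVb_vlWAYkK_YBwk"};
    for (int i = 0; i < 3; i++)
        printf("%-28s naive=%-4s bits<=%d\n", pw[i], naive_rating(pw[i]), bruteforce_bits(pw[i]));
    return 0;
}
```

Both functions accept the last string without complaint, which is why an estimator also needs dictionary and pattern matching of the kind zxcvbn performs.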