THIS IS A WORK IN PROGRESS AND IS NOT YET READY FOR USE
This script is designed to generate secure passwords and evaluate their strength. It calculates password strength based on entropy, character variety, and rule-based penalties, and includes optional dictionary checks for common passwords. It can also analyze passwords from a file or assess the strength of user-provided passwords.
- Password Generation: Generate random, secure passwords based on customizable character policies.
- Strength Evaluation: Check the strength of passwords based on entropy and rule-based criteria.
- Batch Verification: Verify the strength of multiple passwords from a file.
- Custom Dictionary Support: Use a custom dictionary to check for common or weak passwords.
- Detailed Reporting: Get detailed feedback and an estimated crack time for each password on both CPU and GPU.
-
Python 3.6+
-
tabulate library: Install via pip
pip install tabulate
The script provides several options for generating passwords, checking strength, and analyzing passwords from a file. Below are examples of each usage mode.
Generate a specified number of passwords of a given length:
python password_script.py -l 16 -c 5-l,--length: Specify the password length (default: 16).-c,--count: Specify the number of passwords to generate (default: 1).
Check the strength of a specific password:
python password_script.py --verify "YourPassword123!"Generate passwords and then evaluate their strength:
python password_script.py -l 16 -c 5 --verify-generatedCheck the strength of each password listed in a file:
python password_script.py --file passwords.txtThe passwords.txt file should contain one password per line.
Provide a custom dictionary file for password strength checking:
python password_script.py --verify "password" --dictionary custom_dict.txtSave generated passwords or verification results to a specified file:
python password_script.py -l 16 -c 5 --verify-generated --save results.txtThe output will display each password's strength information in a table format with the following columns:
- Password: The generated or provided password.
- Strength: The classification of password strength (Weak, Moderate, Strong, Very Strong).
- Entropy (bits): The calculated entropy of the password.
- Score: The password’s strength score.
- Score (%): The percentage of the maximum score achieved.
- Crack Time (CPU): Estimated time to crack the password using a CPU.
- Crack Time (GPU): Estimated time to crack the password using a GPU.
+-------------------------------+-------------+-------------------+----------+-------------+------------------------+-------------------------+
| Password | Strength | Entropy (bits) | Score | Score (%) | Crack Time (CPU) | Crack Time (GPU) |
+-------------------------------+-------------+-------------------+----------+-------------+------------------------+-------------------------+
| thisis another random password| Weak | 141.01 | 50 | 50.00% | 89.21 septillion years | 892.06 sextillion years |
+-------------------------------+-------------+-------------------+----------+-------------+------------------------+-------------------------+
The script's configuration includes default values for password policies and scoring:
- Password Policies: Customize policies such as character types (uppercase, lowercase, numbers, special characters), length bonuses, and penalties.
- Scoring Criteria: Adjust the scoring based on password length, character variety, entropy, and rule-based penalties.
These settings can be modified in the Config class in the script.
- File Not Found: If the specified file or dictionary file cannot be found, a warning is printed, and the script falls back to default settings.
- Empty Character Set: If no character type is enabled for password generation, an error is raised.
- Save Errors: If an error occurs while saving results, a message is displayed with details about the issue.
