Notice
This project is not frequently maintained. Please check the original source: https://github.com/HCLarsen/devise-uncommon_password.
Devise Uncommon Password
Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from 10-million-password-list-top-1000000.txt found at: https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt.
Usage
Add the :uncommon_password module to your model:
class AdminUser < ApplicationRecord
  devise :database_authenticatable,
         :recoverable, :rememberable, :trackable, :validatable, :uncommon_password
end
If the module doesn't load, add this require to the file that needs it or to application.rb:
require 'devise/uncommon_password'
By default, the password is checked against the 100 most common passwords that fit within the minimum and maximum lengths specified in the /config/initializers/devise.rb file. However, if a developer wants to check against a larger list, they may override this default by adding the following line to that same file:
# Number of common passwords to check entered password against.
config.password_matches = 1000
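The selection rule described above (keep the entries that fit the configured length range, then take the first N) is sketched below as an added example. It is not the gem's source; the method names, the constructed sample list, and the case-insensitive comparison are assumptions made for illustration.

```ruby
# Added illustration, not the gem's code. All names here are hypothetical.

# Constructed sample in frequency order, most common first.
# A real deployment would load a much longer ranked list from a file.
RANKED_SAMPLE = %w[
  123456 password 12345678 qwerty 123456789 12345 1234 111111
  1234567 dragon 123123 baseball abc123 football monkey letmein
  shadow master 666666 qwertyuiop 123321 mustang 1234567890
].freeze

# Keep only entries a user could submit under the length policy, then take
# the first `matches` of those. Filtering before truncating matters:
# truncating first spends most slots on passwords the length rule
# already rejects.
def candidate_passwords(ranked, length_range, matches)
  ranked.select { |pw| length_range.cover?(pw.length) }.first(matches)
end

# For comparison only: the weaker ordering (truncate, then filter).
def truncate_then_filter(ranked, length_range, matches)
  ranked.first(matches).select { |pw| length_range.cover?(pw.length) }
end

# Case-insensitive matching is an assumption of this sketch.
def common_password?(password, ranked: RANKED_SAMPLE, length_range: 8..128, matches: 100)
  return false if password.nil? || password.empty?

  candidate_passwords(ranked, length_range, matches)
    .any? { |pw| pw.casecmp?(password) }
end
```

With a minimum length of 8 and three matches, filtering first checks against three usable entries, while truncating first leaves only two.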
Additional Enhancements
Added support for loading different password files depending on the environment.
Internationalization and Customization
The default message for users who attempt to use a common password is:
is a very common password. Please choose something harder to guess.
This can be changed by modifying the devise.en.yml file, under errors/messages/common_password. Translations can be provided using the devise translation files in the same location.
en:
  errors:
    messages:
      common_password: 'is a very common password. Please choose something harder to guess.'
Installation
Add this line to your application's Gemfile:
gem 'devise-uncommon_password-alt'
And then execute:
$ bundle install
Contributing
You can contribute by doing the following:
- Check the issue tracker to make sure someone hasn't already requested or contributed it
- Fork it
- Write your changes
- Commit
- Send a pull request
License
The gem is available as open source under the terms of the MIT License.