Package org.passay.entropy
Class ShannonEntropy
java.lang.Object
org.passay.entropy.ShannonEntropy
- All Implemented Interfaces:
Entropy
Entropy bits estimate defined in NIST SP-800-63-1 User Selected Passwords.
See PDF Publication A1. "User Selected Passwords"
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final doubleEntropy bonus of the first phase.private static final intLength of the first phase.private final booleanWhether at least 1 uppercase and special/symbol character is enforced.private final booleanWhether a dictionary was used to check the password.private final intSize of the password.private static final doubleEntropy bonus of the second phase.private static final intLength of the second phase.private static final int[]Array used for determining composition "bonus" for calculating the Shannon entropy estimate.private static final int[]Array used for determining dictionary entropy "bonus" for calculating the Shannon entropy estimate.private static final doubleEntropy bonus of the third phase.private static final intLength of the second phase. -
Constructor Summary
ConstructorsConstructorDescriptionShannonEntropy(boolean dictionaryCheck, boolean compositionCheck, int pwordSize) Creates a new shannon entropy estimate. -
Method Summary
Modifier and TypeMethodDescriptiondoubleestimate()Returns the entropy bits of a user selected password.
-
Field Details
-
FIRST_PHASE_LENGTH
private static final int FIRST_PHASE_LENGTHLength of the first phase.- See Also:
-
SECOND_PHASE_LENGTH
private static final int SECOND_PHASE_LENGTHLength of the second phase.- See Also:
-
THIRD_PHASE_LENGTH
private static final int THIRD_PHASE_LENGTHLength of the second phase.- See Also:
-
FIRST_PHASE_BONUS
private static final double FIRST_PHASE_BONUSEntropy bonus of the first phase.- See Also:
-
SECOND_PHASE_BONUS
private static final double SECOND_PHASE_BONUSEntropy bonus of the second phase.- See Also:
-
THIRD_PHASE_BONUS
private static final double THIRD_PHASE_BONUSEntropy bonus of the third phase.- See Also:
-
SHANNON_DICTIONARY_SIEVE
private static final int[] SHANNON_DICTIONARY_SIEVEArray used for determining dictionary entropy "bonus" for calculating the Shannon entropy estimate. -
SHANNON_COMPOSITION_SIEVE
private static final int[] SHANNON_COMPOSITION_SIEVEArray used for determining composition "bonus" for calculating the Shannon entropy estimate. -
hasDictionaryCheck
private final boolean hasDictionaryCheckWhether a dictionary was used to check the password. -
hasCompositionCheck
private final boolean hasCompositionCheckWhether at least 1 uppercase and special/symbol character is enforced. -
passwordSize
private final int passwordSizeSize of the password.
-
-
Constructor Details
-
ShannonEntropy
public ShannonEntropy(boolean dictionaryCheck, boolean compositionCheck, int pwordSize) Creates a new shannon entropy estimate.- Parameters:
dictionaryCheck- whether or not a common passwords dictionary is checked against the password (50,000 dictionary words are recommended)compositionCheck- whether at least 1 uppercase and special/symbol character is enforced (not using common substitutions such as s to $ are recommended)pwordSize- size of the password
-
-
Method Details
-
estimate
public double estimate()Returns the entropy bits of a user selected password. This estimate is based on a 94 Character Alphabet and is a "ballpark" estimate based on Claude Shannon's observations.See PDF Publication A1. "User Selected Passwords"
-