Interface PasswordValidationService


  • public interface PasswordValidationService
    Provides support for password validation, using an entropy-based method.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int MAX_SCORE  
    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean isAccepted​(User user, String oldPassword, String newPassword)
      Checks whether specified password is accepted.
      int score​(User user, String oldPassword, String newPassword)
      Scores the password on strength, based on its entropy and distance to the user's properties, old password, and configured banned words.
    • Method Detail

      • isAccepted

        boolean isAccepted​(User user,
                           String oldPassword,
                           String newPassword)
        Checks whether specified password is accepted. This is the case if the entropy is equal to or larger than the configured minimum entropy, and the password does not 'look like' one of the user's properties, their old password, or one of the configured properties. This is calculated using the Damerau-Levenshtein distance.
        Parameters:
        user - the user
        oldPassword - the user's old password
        newPassword - the user's new password
        Returns:
        Whether the password is accepted
        See Also:
        score(User, String, String)
      • score

        int score​(User user,
                  String oldPassword,
                  String newPassword)
        Scores the password on strength, based on its entropy and distance to the user's properties, old password, and configured banned words.
        Parameters:
        user - the user
        oldPassword - the user's old password
        newPassword - the user's new password
        Returns:
        the score of the password (range [0,MAX_SCORE])
        See Also:
        isAccepted(User, String, String)