olssonm / laravel-zxcvbn Goto Github PK

Referencing this block of code in the 'xcvbn_dictionary' test:

This will fail on ANY sequence match. So suppose the password includes pattern similar to one of the dictionary words, this property being checked for will be present. But it is not necessarily with regards to the username or email address. It could just be any other. This test should not fail in such a condition, but it will.

If you do want it to fail on any dictionary match, then the readme description needs to be updated.

This is a bit more interesting. zxcvbn_dictionary allows you to input both the users username and/or email, and their password. The validator checks that the password doesn't exist in the username, or that they are too similar.

I think it would make sense to extend "zxcvbn_min" to optionally accept the username and password as additional arguments, since that's where the target score can be set as well, and that's really what most users of this package are going to care about. I am going to go ahead and extend that to submit as a PR but let me know if you would not be willing to accept this.

As discussed in this thread bjeavons/zxcvbn-php#15 there is a discrepancy between bjeavons/zxcvbn-php and the upstream JS version.
The mkopinsky/zxcvbn-php fork fixes these issues and should probably be used instead of bjeavons/zxcvbn-php.

Wold it be possible to allow translations for the validators? Would be awesome for multi-lang projects