HolyYin/password-analyzer

GitHub: HolyYin/password-analyzer

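An interactive, Python-based password strength analysis tool that helps users create more secure passwords through rule checks and common-password detection.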

Stars: 1 | Forks: 0

``` ♰ 𝚢𝚒𝚗 ♰ ```

# README - Password Analyzer

# It is strongly recommended to open this file with Notepad for better readability

This project contains a simple password analyzer written in Python.
The program asks the user to enter a password, checks it against several security rules, and gives feedback on the password's strength.
The code is designed to be clear and easy to read.

1. Intended function of the code
==================================

The program analyzes the password entered by the user and checks whether it meets basic security requirements.

The program checks:

- whether the password appears in a wordlist of common passwords;
- whether the password length is between the minimum and the maximum;
- whether the password contains non-ASCII characters;
- whether the password contains repeated consecutive characters;
- whether the password contains at least one symbol;
- whether the password contains at least one number;
- whether the password contains at least one lowercase letter;
- whether the password contains at least one uppercase letter.

At the end of the analysis, the password is classified as:

- a strong password, if all main requirements are met;
- a medium password, if only one character-type requirement is missing;
- a weak password, if two or more character-type requirements are missing, or another important problem is found.

If the password is invalid or not strong enough, the program asks the user to enter another password.

2. Input
========

The program receives the password from the user through the `input()` function.

Example:

    Enter your password: Password123!

The program also uses an external wordlist file.
This file contains many common passwords (100,000), one password per line.

In the code, the wordlist file path is stored in the `WORDLIST_PATH` constant:

    D:\informatica\python cod\cybersecurity related stuff\PswAnalyzer\100kmostcommon.txt

The file must exist at the specified location. If it does not, Python raises an error because it cannot open the file.

3. Output
=========

The program prints a message describing the strength of the password.

Possible outputs:

    Strong password!
    Medium password. Suggestions: Add symbols
    Weak password. Suggestions: Add numbers, Add uppercase letters

The program also stores some messages in the `log` list.
These messages are not printed automatically, but they remain available inside the program so that the problems that were found can be inspected.

Example of a message stored in `log`:

    Password 'password123' found in wordlist.

4. Code explanation
===================

```python
# Imports the string module from the Python standard library. It contains useful
# predefined strings, including string.punctuation, which is used to check
# whether the password contains symbols.
import string
# Imports Path, which is used below to build the wordlist file path.
from pathlib import Path

# Creates an empty list called log. It stores messages about the problems found
# during the password analysis.
log = []

# Defines the minimum allowed password length. In this program the password must
# be at least 8 characters long.
MIN_LENGTH = 8

# Defines the maximum allowed password length. In this program the password must
# not be longer than 32 characters.
MAX_LENGTH = 32

# Gets the directory in which this script is located.
BASE_DIR = Path(__file__).resolve().parent

# Builds the path to the wordlist file inside that directory.
WORDLIST_PATH = BASE_DIR / "100kmostcommon.txt"


# Defines a function that checks whether the password stored in psw appears in
# the wordlist file.
def password_in_wordlist(psw):
    # Opens the wordlist file in read-only mode. UTF-8 is used as the encoding,
    # and unreadable characters are ignored to avoid decoding errors.
    with open(WORDLIST_PATH, "r", encoding="utf-8", errors="ignore") as file:
        # Reads the file line by line. This is efficient because the whole file
        # is not loaded into memory at once.
        for line in file:
            # Compares the user's password with the current line. strip()
            # removes spaces and newlines at both ends of the line.
            if psw == line.strip():
                # If the password is found in the wordlist, returns True immediately.
                return True
    # If the whole file has been checked and the password was not found, returns False.
    return False


# Defines the main function of the program. It asks for a password, analyzes it
# and prints the result.
def analyze_password():
    # Creates a boolean variable used to tell whether this is the user's first attempt.
    first_attempt = True

    # Starts an infinite loop. The loop continues until the user enters a
    # password that is considered strong and valid.
    while True:
        # Checks if this is the first password attempt.
        if first_attempt:
            # Asks the user to enter a password and stores the result inside the psw variable.
            psw = input("Enter your password: ")
            # Changes first_attempt to False so that the next time the loop runs,
            # the program uses the second message.
            first_attempt = False
        # Runs this block when it is not the first attempt anymore.
        else:
            # Asks the user to enter another password after the previous one was not accepted.
            psw = input("Please enter a valid password: ")

        # Starts by assuming the password is valid. If a serious problem is
        # found, this value will be changed to False.
        is_valid = True
        # Creates an empty list that will store suggestions for improving the password.
        suggestions = []

        # Calls the password_in_wordlist function. If it returns True, the
        # password is too common.
        if password_in_wordlist(psw):
            # Adds a message to the log list explaining that the password was found in the wordlist.
            log.append(f"Password '{psw}' found in wordlist.")
            # Adds a suggestion telling the user to choose a less common password.
            suggestions.append("Use a less common password")
            # Marks the password as invalid because common passwords are not secure.
            is_valid = False

        # Checks if the password length is outside the allowed range. len(psw)
        # counts the number of characters in the password.
        if not (MIN_LENGTH <= len(psw) <= MAX_LENGTH):
            # Adds a message to the log list explaining that the password length is not valid.
            log.append(f"Password '{psw}' does not meet length requirements.")
            # Adds a suggestion explaining the required password length.
            suggestions.append(f"Use between {MIN_LENGTH} and {MAX_LENGTH} characters")
            # Marks the password as invalid because it is too short or too long.
            is_valid = False

        # Checks whether at least one character is not part of the standard
        # ASCII range. ord(c) returns the numeric code of a character.
        if any(ord(c) > 127 for c in psw):
            # Adds a message to the log list explaining that non-ASCII characters were found.
            log.append(f"Password '{psw}' contains non-ASCII characters.")
            # Adds a suggestion telling the user to use only ASCII characters.
            suggestions.append("Use only ASCII characters")
            # Marks the password as invalid because it contains non-ASCII characters.
            is_valid = False

        # Checks whether the password contains repeated consecutive characters,
        # such as aa, 11, or !!.
        if any(psw[i] == psw[i + 1] for i in range(len(psw) - 1)):
            # Adds a message to the log list explaining that repeated characters were found.
            log.append(f"Password '{psw}' contains repeated characters.")
            # Adds a suggestion telling the user to avoid repeated consecutive characters.
            suggestions.append("Avoid repeated characters")
            # Marks the password as invalid because it contains repeated consecutive characters.
            is_valid = False

        # Creates a dictionary called results. Each key represents a password
        # requirement, and each value is either True or False.
        results = {
            # Checks whether the password contains at least one punctuation symbol.
            "symbols": any(c in string.punctuation for c in psw),
            # Checks whether the password contains at least one number.
            "numbers": any(c.isdigit() for c in psw),
            # Checks whether the password contains at least one lowercase letter.
            "lowercase": any(c.islower() for c in psw),
            # Checks whether the password contains at least one uppercase letter.
            "uppercase": any(c.isupper() for c in psw),
        }

        # Checks if the password does not contain any symbols.
        if not results["symbols"]:
            # Adds a suggestion telling the user to add at least one symbol.
            suggestions.append("Add symbols")
        # Checks if the password does not contain any numbers.
        if not results["numbers"]:
            # Adds a suggestion telling the user to add at least one number.
            suggestions.append("Add numbers")
        # Checks if the password does not contain any lowercase letters.
        if not results["lowercase"]:
            # Adds a suggestion telling the user to add at least one lowercase letter.
            suggestions.append("Add lowercase letters")
        # Checks if the password does not contain any uppercase letters.
        if not results["uppercase"]:
            # Adds a suggestion telling the user to add at least one uppercase letter.
            suggestions.append("Add uppercase letters")

        # Calculates the password score. True counts as 1 and False counts as 0,
        # so the score is the number of character-type requirements that were met.
        score = sum(results.values())

        # Checks whether all four character-type requirements were met and no
        # serious validation problem was found.
        if score == 4 and is_valid:
            # Prints that the password is strong.
            print("Strong password!")
            # Ends the function and returns the results dictionary because the
            # password has been accepted.
            return results

        # Checks whether exactly three out of four character-type requirements
        # were met and no serious validation problem was found.
        if score == 3 and is_valid:
            # Prints that the password is medium and displays the improvement
            # suggestions separated by commas.
            print("Medium password. Suggestions:", ", ".join(suggestions))
        # Runs when the password is neither strong nor medium.
        else:
            # Prints that the password is weak and displays the improvement
            # suggestions separated by commas.
            print("Weak password. Suggestions:", ", ".join(suggestions))


# Calls the main function and starts the program.
analyze_password()
```

``` ♰ 𝚢𝚒𝚗 ♰ ```
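The rules from section 1 as a pure function that can be tested without `input()`, written as an added example and not the project's own code. It goes slightly beyond the README by loading the wordlist into a set once and by keeping the password out of the log line; `classify`, `load_common`, `SAMPLE_WORDLIST` and `COMMON` are assumed names, and the wordlist is a constructed sample.

```python
import string

MIN_LENGTH, MAX_LENGTH = 8, 32  # same limits as the README

# Constructed sample standing in for 100kmostcommon.txt (not the real file).
SAMPLE_WORDLIST = ["123456\n", "password\n", "password123\n", "qwerty\n"]


def load_common(lines):
    """Build a set once so each lookup is O(1) instead of a scan of the file."""
    return {line.strip() for line in lines if line.strip()}


def classify(psw, common):
    """Return (label, issues, log_line) following the README's classification."""
    issues = []
    if psw in common:
        issues.append("common")
    if not MIN_LENGTH <= len(psw) <= MAX_LENGTH:
        issues.append("length")
    if any(ord(c) > 127 for c in psw):
        issues.append("non-ascii")
    # Adjacent equal characters, e.g. the "ss" in "Password123!".
    if any(a == b for a, b in zip(psw, psw[1:])):
        issues.append("repeated")
    score = sum([
        any(c in string.punctuation for c in psw),
        any(c.isdigit() for c in psw),
        any(c.islower() for c in psw),
        any(c.isupper() for c in psw),
    ])
    # Any serious issue, or two or more missing character types, means weak.
    if issues or score < 3:
        label = "weak"
    elif score == 3:
        label = "medium"
    else:
        label = "strong"
    # The log line records the outcome only, never the password itself.
    log_line = f"label={label} score={score} issues={','.join(issues) or 'none'}"
    return label, issues, log_line


COMMON = load_common(SAMPLE_WORDLIST)

if __name__ == "__main__":
    for candidate in ["Password123!", "password123", "Tr1cky-Pa5phrase"]:
        print(classify(candidate, COMMON)[2])
```

The README's sample input `Password123!` satisfies all four character-type checks but is still classified as weak, because the `ss` triggers the repeated-character rule.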
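Tags: meg, Python programming, code readability, information security, character rule checking, security policy, security scripts, real-time analysis, password analysis, password classification, password strength checking, password validation, common password detection, prompt design, user feedback, cybersecurity, reverse engineering tools, repeated character detection, privacy protection, non-ASCII character detection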