Password Strength Meter XYZ Corporation has a problem. Their network was broken into last week by a hacker that successfully guessed one of their employee's passwords. The hacker seemed to be content to simply deface the company's web site, but it could have been much, much worse. Bob Jenkins, XYZ's head of security, has decided that it's time to solve this password problem once and for all. Bob has heard that you are taking a C language programming course. He wants you to create a password strength meter for him. Your program will allow an XYZ employee to enter the password that they are planning on using and your program will tell them if the proposed password is or is not strong. The new company policy is that everyone's password must be strong. Bob has been doing some reading. He has discovered that sometimes using a "pass phrase" is a better idea than using a "password". A passphrase is a sentence like string of words used for authentication that is longer than a traditional password, contains one or more spaces, is easy to remember and is difficult to crack. Typical passwords range, on average, from eight to 16 characters, while passphrases can reach up to 100 characters or more. Bob wants to have the option to permit XYZ employees to use pass phrases if he decides to permit it. Your program will have to detect when a user has entered a pass phrases (they contain one or more spaces) and then, if they are permitted, determine if they are strong also. Your program will be given a file of passwords that XYZ employees are planning using. You will apply your strength meter to each proposed password in the file and will report the results of analyzing each password. These are configuration settings that will be used when testing password strength: Max password length (128) Min password length (10) ● ● Allow pass phrases? (true/false) o Min phrase length (20) Are optional tests required? (true/ false) o #min optional tests to pass (4)
Required tests - a password *must* pass these tests in order to be considered strong:
[1] Enforce a minimum length
[2] Enforce a maximum length
[3] Forbid repeats: may not contain sequences of three or more repeated characters
An array of optional tests. These tests are "optional" in two senses:
1. Passphrases (passwords whose length exceeds min phrase length) are not obligated
to pass these tests provided that allow pass phrases is set to Boolean true (which it is
by default).
2. A password need only to pass # min optional tests in order to pass these optional tests and
be considered strong.
Optional tests:
[4] Contains at least one lowercase letter
[5] Contains at least one uppercase letter
[6] Contains at least one digit
[7] Contains at least one special character (not alpha, not digit)
Output:
Your program will produce the following output for each password that it processes:
Failed Tests : [1-3] or [1-7]
Passed Tests : [1-3] or [1-7]
Required Test Errors: [
'The password must be at least x characters long.'
'The password must be fewer than x characters.'
'The password may not contain sequence of three or more repeated
characters.'
]
Optional Test Errors: [
'The password must contain at least one lowercase letter.'
'The password must contain at least one uppercase letter.'
'The password must contain at least one number.'
'The password must contain at least one special character.'
]
Is a Pass phrase : true / false
Strong? : true / true
Total optional tests passed : #
Sample Data Sets:
The data file that you will be provided with will contain the following data:
1. Proposed passwords #1.txt
2. Proposed passwords #2.txt
3. Proposed passwords #3.txt
Each of the data files will contain the following flags at the top of the file:
Max password length
Min password length
Allow pass phrases? (0 - No/1 - Yes)
o Min phrase length [option only occurs if pass phrase permitted]
Are optional tests required? (0 - No/1 - Yes)
o Number of tests that must be passed in order to be approved [option only occurs if
optional tests are required]
C Homework #1 Notes:
1. There are 3 different data files. Create code that will cycle through the different files, process
them, and then go on to the next input file.
2. In order to find duplicate letters, you'll have to take each letter in the string and then compare it
to all of the other letters in the string. You'll, of course, get one match, you should not get many
more.
3. There are four different groups of "special" characters in the ASCII table - you have to check for all
of them.
Sample Output
Processing password file #1
Maximum password length: 12
Minimum password length: 10
Pass phrases are NOT allowed
Optional Tests are NOT allowed
Potential password: password
The password must be at least 10 characters long.
Password failed - it cannot be used.
Here's data file
Proposed passwords #1.txt
12
10
0
0
password
mypassword
thisismypassword
passssword
Proposed passwords #2.txt
15
10
1
20
1
2
This is my password phrase1
Tinypw1
Ireallydontlikehavingtomakeupnewpasswordsallthetime1
Iloveyouxxxooo1
Boom**********!
IHATEPWORDS1!
ihatepwords1!
IHatePwords!
IHatePwords
Just exactly how many words can you include in a password phrase?
Proposed passwords #3.txt
15
10
1
20
1
4
my pass phrase does not need to pass tests
short pass phrase
x
x1
Zxcvbnmnas7
Zxcvbnmnas~
Zxcvbnmnas7~
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
Step by step
Solved in 3 steps