activist
activist copied to clipboard
activist-org
Change message about how strong the password is in `auth` routes to be how long it would take to crack the password
Terms
- [x] I have searched open and closed feature requests
- [x] I agree to follow activist's Code of Conduct
Description
A very interesting feature that I saw in Pretalx based software is the password strength messages to the user. Specifically the amount of time that it would take to break the password is calculated and then printed to the user. This can be seen at the following by entering in a password:
https://cfp.cccv.de/39c3/login/?next=/39c3/cfp
I think it would be cool if we'd maybe do something similar for our password strength indicator :)
Contribution
Let's first discuss if this is worthwhile, and then if we do do this I'd be happy to support and/or review a PR! π
CC @nicki182 π What your opinion on this? Totally fine to close this if you think the current setup is better, but I figured it was worth opening an issue :)
Hi, Iβd like to contribute to this issue. Could you please assign it to me?
Hey @SuganthiThomas π Thanks for your interest. We can assign you once it's agreed that this issue will be worked on :) Let's let a few others from the community give feedback on whether this change should happen.
it can be done we just need to change the verification in the backend and use https://www.npmjs.com/package/zxcvbn they have a python package too
Thanks for the confirmation, @nicki182! @SuganthiThomas, I'll assign this to you, but maybe let's wait to start this until the weekend as we have a lot of frontend changes going through in #1547 :)
You can maybe start on the backend changes now and then go to the frontend when we have #1547 merged?
Thanks for your interest, @san-rizz-777 :) Let's wait on if @SuganthiThomas would like to work on this and then you can take over if not π
HI @andrewtavis ,
sorry for the earlier request. I realized this issue requires Vue.js, which I donβt have experience with. My background is in Angular, Java, and Spring Boot, so could you please unassign me? Thanks for understanding
If you'd like to try to learn some Vue, then you would be welcome to do so @SuganthiThomas :) Ultimately the work that's needed for the frontend is JS and TS in the Vue <script> block. Backend is Python, which we can support with.
I'll unassign for now and assign @san-rizz-777, but let us know if you'd like to do part of it and @san-rizz-777 can do the other π
Hi, Iβd like to contribute to this issue as well. I can help implement the password crack-time display using Vue + TS (maybe with zxcvbn). Would it be okay if I start working on a PR?
Thanks for your interest in the project, @shriya5752! @san-rizz-777 is currently working on it, but maybe we can figure out something where you do the frontend and @san-rizz-777 does the backend. @san-rizz-777, have you started working on this yet?
Ok, looking forward to the PR :) @shriya5752, maybe you can help review, and we'll also be opening up new issues later on today/tomorrow π
Hi! Iβd like to work on this issue. Could you please assign it to me? Would do this in an hour or two.
Thanks for your interest in the project, @NandanPaT-eL :) Let's give @san-rizz-777 a few more days. Please let us know if you need assistance, @san-rizz-777!
@andrewtavis I have made changes in backend , do I also have to run test cases for frontend?(for backend I had already done) , I will make pr till today EOD or tomorrow as earliest as possible.(I am almost done)
Would be best if this is updated in the frontend as well, @san-rizz-777, but again we can also let someone else pick that up. As you prefer :) We'll get to the review in the coming days, and feel free to send the frontend changes along to that PR if you do want to do them yourself π
Yeah sure I will make frontend changes in a few days.
Hi @san-rizz-777 @andrewtavis I noticed that this issue is still open. Are you still working on the frontend changes or would I be allowed to help as well? No worries if not :D
Thanks for your interest, @thorncoded! #1560 is open for this, and we've had some major major changes to bring in over the recent time. This PR will be brought in by end of week and then we can check in here on what other work is required π
Hi @andrewtavis, I'm entering into open source contribution for the first time and came across your issue. I have seen your message for the password strength and while it's catchy I do have some ideas to brainstorm with you if you're cool with it and also would like to contribute to the project. Hope we can catch up.
Thanks and regards, Imthiaz Muhassin
Hi @Imthiaz123 π We have #1560 open for part of this that we need to bring in and then we can get to the rest of this. Maybe we can prioritize this for the next bi-weekly sync from this Saturday on :) I'll update in the issue.
Sorry for the wait on the review, @san-rizz-777! Has been crazy busy recently getting the unit tests set up, but we do have this in mind.