Is there a live password verification tool available?

Currently, I am conducting some initial research for my school's IT department as a student employee. The students at our institution are required to change their passwords every six months, but many of them struggle with the various password regulations in place. This often leads to multiple attempts before successfully setting a new password.

The password rules include:

  • Must be a minimum of 8 characters long
  • Must contain three out of four types of characters (uppercase, lowercase, number, special character)
  • Cannot include the user's first, last, or middle name
  • Cannot include the user's username
  • Cannot match any previous passwords
  • User must input the password twice and they must match exactly

I have a few inquiries:

  • Is it feasible to develop a web-based password checker that offers real-time feedback while users type in their new password? My idea involves a checklist on one side of the page where green checkmarks activate as more criteria are met.
  • Can this checking process be completed securely and entirely on the client-side?
  • Where should one begin when tackling such a project? Are there any recommended guides available?

Keep in mind that I do not possess web development skills. Also, kindly refrain from making any humorous remarks such as "change the password policy" or "they're just unintelligent users."

javascriptajax

Answer №1

Could a dynamic password checker be developed for websites that gives immediate feedback as users input their new passwords? Imagine a checklist with green checkmarks activating as the password meets various criteria.

Absolutely.

Is it feasible to ensure secure checking?

While showing green lights may reveal information about where the password requirements are met, potentially leaking data.

Can this process be done solely on the client-side?

Yes.

Where should one begin when undertaking such a project?

Start by creating a list of rules in HTML alongside corresponding images for pass or fail. Implement programmable versions of these rules in JavaScript and test them sequentially during keypress events on the password input.

You'll also need to use an XMLHttpRequest object to verify if a password has been used before, ensuring stored passwords are securely hashed and salted.

I don't have experience in web development.

In that case, I recommend either hiring a web developer or learning the necessary skills yourself.

Please refrain from suggestions like "change the password policy."

Agreed, let's focus on the real issue at hand:

If users struggle to create passwords that meet the policy requirements, they may face difficulties remembering them. This can result in more password resets (adding to IT workload) and potentially insecure practices like writing down passwords.

Answer №2

Many of the criteria you define can be validated instantly with javascript, particularly utilizing regular expressions. However, verifying if a password has been previously used should be conducted securely on the server side.

Answer №3

Would it be feasible to develop a web-based password validator that offers immediate feedback while the user enters their new password? I envision a checklist on one side of the webpage where green checkmarks light up as more criteria are met.

Absolutely, but you'll need some knowledge of javascript to make it happen.

Is it viable to carry out this validation securely and entirely on the client-side?

Not completely, or maybe yes, or perhaps no. You can perform the validation solely on the client-side (except for checking against previous passwords, which would require database access). However, it's essential to remember that nothing done on the client-side is truly secure. Client-side actions should only serve as user guidance. All validation must be double-checked on the server.

I don't want to come across as condescending by suggesting a change in password policy simply because implementing validation might seem challenging. However, I do recommend sharing the following article with whoever sets the password guidelines:

Answer №4

  • It is essential that the password chosen does not correspond to any previous passwords used, as this requirement must be enforced on the server side for security purposes. Utilizing hashes or encryption can ensure a secure validation process and prevent client-side copies of passwords from posing a risk.

Answer №5

If you're new to web development, consider starting with regular expressions (regex). Check out this resource for an introduction: http://www.w3schools.com/jsref/jsref_obj_regexp.asp. It may seem daunting at first, but having a basic understanding of JavaScript is essential for tasks like this that involve client-side processing. And remember, it's crucial not to overlook password security.

Make sure the password does not match any previously used ones.

Implementing this feature solely on the client side can be risky and complex. Consider seeking assistance from external libraries for a more secure solution. Good luck as you navigate through this learning process!

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Incorporating external JavaScript files into a React Element

I am currently revamping my Portfolio Site to incorporate modals into one of the pages as part of the transition to a Single Page Application (SPA). The JavaScript code for these modals is stored in a "main.js" file, and the necessary tags are included in ...

javascriptreactjsimportcomponents

Angular2 (RC5) global variables across the application

I am seeking a solution to create a global variable that can be accessed across different Angular2 components and modules. I initially considered utilizing dependency injection in my `app.module` by setting a class with a property, but with the recent angu ...

javascriptangulartypescript

Remove cached documents and database entries using AJAX

When utilizing ajax to delete files from both the database and local, I am encountering an issue with deleting the correct file from the local storage. It seems that I am unable to pass the correct file name as it keeps deleting the top file listed on the ...

phpajax

Encounter a snag while using Chrome to access an external API through jQuery

I am currently utilizing jQuery to make a request to an external API via AJAX. $.ajax({ url: https://exampleAPI, method: "GET", contentType: "text/plain", dataType: "jso ...

javascriptjqueryajaxgoogle-chromeasp.net-mvc-4

Navigate through fabricated data not appearing in Express application

I have come across a handlebars template file within my Express app: {{#each data}} <article class="id-{{this.id}}"> <h1><a href="/journal/{{this.url}}">{{this.title}}</a></h1> <p>{{this.body}}</p> </ar ...

javascriptjsonnode.jsexpresshandlebars.js

Filtering a table with a customized set of strings and their specific order using pure JavaScript

Recently, I've been diving into APIs and managed to create a table using pure vanilla javascript along with a long list of sorting commands that can filter the table based on strings. My goal is to establish an object containing strings in a specific ...

javascriptjsonapifilter

Can someone provide a list of events for the .on function in Vanilla NodeJS?

Currently experimenting with NodeJS by testing basic backend functionalities like sending various HTTP requests from my index.html file to the server.js file. I plan to delve into Express soon. I've noticed a lack of documentation on NodeJS 'eve ...

javascriptnode.jsnpmeventemitter

Having trouble retrieving accurate JSON data from an excel workbook

Currently, I am utilizing the npm module xlsx for the purpose of writing and reading JSON data. My goal is to take this JSON data and write it into an Excel file: { "name": "John", "class": 1, "address" : [ { "street": "12th Cross", "city": "London" }, { ...

javascriptnode.jsjsonexcelnpm

What is the process of utilizing marked plugins within a Vue3 project?

I attempted to integrate the marked plugin into my Vue.js applications. After installing [email protected], I did not encounter any issues during compilation. However, when I viewed the contents in the browser, nothing appeared. My Vue project was built u ...

javascriptvue.jsvuejs3javascript-marked

Ensure that at least one mandatory field is implemented with React final form

Here is a code snippet that handles field validation: export const isOneFieldValid = (val: string) => { console.log(val) return val ? undefined : true } ... const validate = (field: string) => { switch (field) { case 'email': { ...

javascriptreactjsreact-final-form

Talebook: Unable to modify UI theming color

As I embark on creating my own theme in Storybook, I am closely following the guidelines outlined here: Currently, I have copied the necessary files from the website and everything seems to be working fine. However, I am facing an issue when trying to cus ...

javascriptangularstorybookthemingangular-storybook

The React MUI Tab component triggers a re-render and clears the states of its child components

In our endeavor to create a Tab Page using React MUI, we aim for each Tab to contain a child component. While there are no issues when adding these child components individually to a page without tabs, problems arise when incorporating them within the Tab ...

javascriptreactjsmaterial-uitabs

Store the information from an AJAX post request in a div element into the browser

I've set up a datatable with a button that posts data into a div. Below is the HTML code I used: HTML : <div class="card-body"> <div class="overlay" id="kt_datatable_nodata"> <div class="o ...

javascriptjqueryajaxdatatablelocal-storage

Once the grunt build process is complete, execute "heroku run fileName" to launch the

In order to gain a deeper understanding of Heroku scheduling, I decided to delve into an informative post on the topic and followed the instructions provided to build the app. The highlight of the post was when I successfully executed heroku run numCheck a ...

javascriptnode.jsangularjsherokuyeoman

An issue arises in vue.js where the v class binding takes precedence over other bindings and fails to properly remove

I have a game with a punching bag where I want to incorporate an animation class each time the bag is clicked. Once the health meter hits zero, I intend to replace the bag image with one depicting a burst bag. Things are running smoothly up until the poin ...

javascriptcssvue.js

Avoiding a jest compile error and executing the test efficiently

Here is my Vue.js code snippet: export default { name: 'App', components: { }, created() { let t = typeof t === 'undefined' ? {} : t; // ISSUE LINE } } The ISSUE LINE runs successfully in the browser without any errors an ...

javascriptvue.jsjestjsbabeljsbabel-jest

The ng-if directive seems to be causing issues within an ng-repeat loop when used in conjunction with bind-html

Below is the code I am using to bind html in my webpage: <div bind-html-compile="menuButtonView"></div> This is the code in my controller: dashboardService.getTemplateMetaData(data.templateCategory) .success(function(data) { console.lo ...

javascriptangularjsangularjs-ng-repeatangular-ng-ifng-bind-html

Is there a way to remove a dynamically rendered component from a list?

Whenever I click a button, the same component is dynamically rendered on top of the list. But now, I need to implement a feature where users can delete any component from the list by clicking a cancel button associated with each component. Here's my ...

javascriptreactjstypescript

How can we efficiently load a JSON file from a local path into an HTML document in a way that is compatible with all browsers?

I am attempting to retrieve JSON data from a local path and display it on a basic HTML page. I have tried various methods such as fetch, ajax in order to load the data and update the corresponding values on the web page. The goal is to host this page so t ...

javascriptjqueryhtmljsonajax

Tips for eliminating default classes from Mui Typography styling

I’ve been working on creating a Typography element and noticed some default MUI CSS classes added when debugging in the browser. I attempted to disable them by using empty arrays at the end of the sx prop, but it did not work as expected. In the image p ...

javascripthtmlcssreactjsmaterial-ui