Ministry of Communications Development, Muhammad al-Khorezmi Tashkent University of Information Technologies


Date: 09.04.2023
Mustaqil Ish-1

We can see dictionary rules enable us to provide a list of banned words. It's beneficial when we have a list of the most common or the easiest to break passwords. Therefore, it's reasonable to prohibit users from using them.
In real life, we would certainly load a list of words from a text file or a database. In that case, we can use WordLists. It has three overloaded methods that take an array of Readers and create ArrayWordList.

6.3. HistoryRule and SourceRule


Furthermore, the Passay library gives us HistoryRule and SourceRule. They can validate passwords against historical passwords or text content from various sources.
Let's take a look at the example:

SourceRule sourceRule = new SourceRule();
HistoryRule historyRule = new HistoryRule();

PasswordData passwordData = new PasswordData("123");
passwordData.setPasswordReferences(
    new PasswordData.SourceReference("source", "password"),
    new PasswordData.HistoricalReference("12345")
);

PasswordValidator passwordValidator = new PasswordValidator(
    historyRule, sourceRule);

HistoryRule helps us check whether a password has been used before. Because reusing old passwords is insecure, we don't want users to fall back on them.
On the other hand, SourceRule allows us to check whether the password is different from those provided in SourceReferences. This way we can avoid the risk of having the same password in different systems or applications.
It's worth mentioning that there are such rules as DigestSourceRule and DigestHistoryRule. We'll cover them in the next paragraph.

6.4. Digest Rules


There are two digest rules in the Passay library: DigestHistoryRule and DigestSourceRule. Digest rules are intended to work with passwords stored as a digest or hash. Hence, to define them we need to provide an EncodingHashBean object.
Let's see how it's done:

List<PasswordData.Reference> historicalReferences = Arrays.asList(
    new PasswordData.HistoricalReference(
        "SHA256",
        "2e4551de804e27aacf20f9df5be3e8cd384ed64488b21ab079fb58e8c90068ab"
    ));

EncodingHashBean encodingHashBean = new EncodingHashBean(
    new CodecSpec("Base64"),
    new DigestSpec("SHA256"),
    1,
    false
);

This time we create a HistoricalReference by passing a label and the encoded password to the constructor. After that, we instantiate EncodingHashBean with the proper codec and digest algorithm.
Additionally, we can specify the number of iterations and whether the algorithm is salted.
Once we have an encoding bean, we can validate our digested password:

PasswordData passwordData = new PasswordData("example!");
passwordData.setPasswordReferences(historicalReferences);

PasswordValidator passwordValidator = new PasswordValidator(new DigestHistoryRule(encodingHashBean));

RuleResult validate = passwordValidator.validate(passwordData);

Assert.assertTrue(validate.isValid());

We can learn more about EncodingHashBean on the Cryptacular library webpage.
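The point that matters in practice with the digest rules is that the stored reference and the digest Passay computes at validation time must come from the same EncodingHashBean configuration (codec, digest, iterations, salting). The following is an added example, not code from the original tutorial or from the Passay project: it derives the history references from constructed sample passwords with one shared bean and then checks a candidate against them. The class name and the helpers historyOf and isNotReused are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;

import org.cryptacular.bean.EncodingHashBean;
import org.cryptacular.spec.CodecSpec;
import org.cryptacular.spec.DigestSpec;
import org.passay.DigestHistoryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;

public class DigestHistoryExample {

    // One bean used both when the history is written and when it is checked:
    // Base64 encoding, SHA-256, one iteration, unsalted (same settings as the tutorial).
    private static final EncodingHashBean HASH_BEAN =
        new EncodingHashBean(new CodecSpec("Base64"), new DigestSpec("SHA256"), 1, false);

    // Builds HistoricalReference entries from previous plaintext passwords.
    // In a real system the digests would already be in the history table;
    // here they are derived from constructed sample values.
    static List<PasswordData.Reference> historyOf(String... previousPasswords) {
        List<PasswordData.Reference> refs = new ArrayList<>();
        for (String old : previousPasswords) {
            String digest = HASH_BEAN.hash(old.getBytes(StandardCharsets.UTF_8));
            refs.add(new PasswordData.HistoricalReference("SHA256", digest));
        }
        return refs;
    }

    // Returns true when the candidate does not match any digest in the history.
    static boolean isNotReused(String candidate, List<PasswordData.Reference> history) {
        PasswordData data = new PasswordData(candidate);
        data.setPasswordReferences(history);
        PasswordValidator validator = new PasswordValidator(new DigestHistoryRule(HASH_BEAN));
        RuleResult result = validator.validate(data);
        return result.isValid();
    }

    public static void main(String[] args) {
        // Constructed sample history (hypothetical values).
        List<PasswordData.Reference> history = historyOf("Winter2022!", "Spring2023!");
        System.out.println("repeat of an old password accepted: " + isNotReused("Spring2023!", history));
        System.out.println("fresh password accepted: " + isNotReused("Summer2023!", history));
    }
}
```

The digest rules only compare; they do not decide how passwords are stored, so the bean must mirror whatever codec, digest and salting the existing history already uses.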

6.5. RepeatCharacterRegexRule
Another interesting validation rule is RepeatCharacterRegexRule. We can use it to check whether a password contains repeating ASCII characters.
Here's a sample code:

PasswordValidator passwordValidator = new PasswordValidator(new RepeatCharacterRegexRule(3));

RuleResult validate = passwordValidator.validate(new PasswordData("aaabbb"));

assertFalse(validate.isValid());
assertEquals("ILLEGAL_MATCH:{match=aaa, pattern=([^\\x00-\\x1F])\\1{2}}", getDetail(validate, 0));

6.6. UsernameRule
The last rule we're going to discuss in this chapter is UsernameRule. It enables us to prohibit using the user's name in the password.
As we've learned before, we should store the username in PasswordData:

PasswordValidator passwordValidator = new PasswordValidator(new UsernameRule());

PasswordData passwordData = new PasswordData("testuser1234");
passwordData.setUsername("testuser");

RuleResult validate = passwordValidator.validate(passwordData);

assertFalse(validate.isValid());
assertEquals("ILLEGAL_USERNAME:{username=testuser, matchBehavior=contains}", getDetail(validate, 0));