
PHP Cross Reference of Phabricator


/src/applications/auth/constants/ -> PhabricatorCommonPasswords.php (source)

   1  <?php
   2  
   3  /**
   4   * Check if a password is extremely common. Preventing use of the most common
   5   * passwords is an attempt to mitigate slow botnet attacks against an entire
   6   * userbase. See T4143 for discussion.
   7   *
   8   * @task common Checking Common Passwords
   9   */
  10  final class PhabricatorCommonPasswords extends Phobject {
  11  
  12  
  13  /* -(  Checking Common Passwords  )------------------------------------------ */
  14  
  15  
  16    /**
  17     * Check if a password is extremely common.
  18     *
  19     * @param   string  Password to test.
  20     * @return  bool    True if the password is pathologically weak.
  21     *
  22     * @task common
  23     */
  24    public static function isCommonPassword($password) {
  25      static $list;
  26      if ($list === null) {
  27        $list = self::loadWordlist();
  28      }
  29  
  30      return isset($list[strtolower($password)]);
  31    }
  32  
  33  
  34    /**
  35     * Load the common password wordlist.
  36     *
  37     * @return map<string, bool>  Map of common passwords.
  38     *
  39     * @task common
  40     */
  41    private static function loadWordlist() {
  42      $root = dirname(phutil_get_library_root('phabricator'));
  43      $file = $root.'/externals/wordlist/password.lst';
  44      $data = Filesystem::readFile($file);
  45  
  46      $words = phutil_split_lines($data, $retain_endings = false);
  47  
  48      $map = array();
  49      foreach ($words as $key => $word) {
  50        // The wordlist file has some comments at the top, strip those out.
  51        if (preg_match('/^#!comment:/', $word)) {
  52          continue;
  53        }
  54        $map[strtolower($word)] = true;
  55      }
  56  
  57      // Add in some application-specific passwords.
  58      $map += array(
  59        'phabricator' => true,
  60        'phab' => true,
  61        'devtools' => true,
  62        'differential' => true,
  63        'codereview' => true,
  64        'review' => true,
  65      );
  66  
  67      return $map;
  68    }
  69  
  70  }


Generated: Sun Nov 30 09:20:46 2014 Cross-referenced by PHPXref 0.7.1