Implement Password Health Report

Introduce a password health check to the application that evaluates every entry in a database. Entries that fail various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports widget. Recycled entries are excluded from the results. We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database. Tests include passwords that are expired, re-used, and weak. * Closes #551 * Move zxcvbn usage to a centralized class (PasswordHealth) and replace its usages across the application to ensure standardized interpretation of entropy calculations. * Add new icons for the database reports view * Updated the demo database to show off the reports
2025-04-03 20:47:37 +03:00 · 2020-02-01 08:42:34 -05:00 · 2020-02-01 08:42:34 -05:00 · a81c6469a8
commit a81c6469a8
parent 71a39c37ec
38 changed files with 1364 additions and 75 deletions
--- a/tests/TestPasswordHealth.cpp
+++ b/tests/TestPasswordHealth.cpp
@ -0,0 +1,65 @@
+/*
+ *  Copyright (C) 2019 KeePassXC Team <team@keepassxc.org>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "TestPasswordHealth.h"
+#include "TestGlobal.h"
+
+#include "core/PasswordHealth.h"
+
+QTEST_GUILESS_MAIN(TestPasswordHealth)
+
+void TestPasswordHealth::initTestCase()
+{
+}
+
+void TestPasswordHealth::testNoDb()
+{
+    const auto empty = PasswordHealth("");
+    QCOMPARE(empty.score(), 0);
+    QCOMPARE(empty.entropy(), 0.0);
+    QCOMPARE(empty.quality(), PasswordHealth::Quality::Bad);
+    QVERIFY(!empty.scoreReason().isEmpty());
+    QVERIFY(!empty.scoreDetails().isEmpty());
+
+    const auto poor = PasswordHealth("secret");
+    QCOMPARE(poor.score(), 6);
+    QCOMPARE(int(poor.entropy()), 6);
+    QCOMPARE(poor.quality(), PasswordHealth::Quality::Poor);
+    QVERIFY(!poor.scoreReason().isEmpty());
+    QVERIFY(!poor.scoreDetails().isEmpty());
+
+    const auto weak = PasswordHealth("Yohb2ChR4");
+    QCOMPARE(weak.score(), 47);
+    QCOMPARE(int(weak.entropy()), 47);
+    QCOMPARE(weak.quality(), PasswordHealth::Quality::Weak);
+    QVERIFY(!weak.scoreReason().isEmpty());
+    QVERIFY(!weak.scoreDetails().isEmpty());
+
+    const auto good = PasswordHealth("MIhIN9UKrgtPL2hp");
+    QCOMPARE(good.score(), 78);
+    QCOMPARE(int(good.entropy()), 78);
+    QCOMPARE(good.quality(), PasswordHealth::Quality::Good);
+    QVERIFY(good.scoreReason().isEmpty());
+    QVERIFY(good.scoreDetails().isEmpty());
+
+    const auto excellent = PasswordHealth("prompter-ream-oversleep-step-extortion-quarrel-reflected-prefix");
+    QCOMPARE(excellent.score(), 164);
+    QCOMPARE(int(excellent.entropy()), 164);
+    QCOMPARE(excellent.quality(), PasswordHealth::Quality::Excellent);
+    QVERIFY(excellent.scoreReason().isEmpty());
+    QVERIFY(excellent.scoreDetails().isEmpty());
+}