zxcvbn is a password strength estimator inspired by password crackers. zxcvbnR provides an R interface to this Javascript library.
Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words from Wikipedia and US television and movies, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.
Currently the package isn't on CRAN. To install
devtools::install_github("jumpingrivers/zxcvbnR")The main function in the package is check_password()
library("zxcvbnR")
check_password("ABCDE")
#> Too guessable: risky password. (guesses < 10^3)
check_password("#rstats is great")
#> Very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)The function also returns a list containing other details
res = check_password("ABCDE")
#> Too guessable: risky password. (guesses < 10^3)
res$feedback
#> $warning
#> [1] "Sequences like abc or 6543 are easy to guess"
#>
#> $suggestions
#> [1] "Add another word or two. Uncommon words are better."
#> [2] "Avoid sequences"