Documentation For Zxcvbn Js 4 4 3 Rubydoc Info
Loading... Loading... Menu This page provides comprehensive documentation of all public APIs in the zxcvbn-js gem, including method signatures, parameters, return values, and usage examples. For installation and quick start examples, see Getting Started. For architectural details about the Ruby-JavaScript bridge, see Architecture. The zxcvbn-js gem exposes two primary APIs: Zxcvbn.test - Simple convenience method for single password testsZxcvbn::Tester - Performance-optimized class for testing multiple passwords Both APIs return identical result structures but differ in performance characteristics due to dictionary loading strategies.
The following diagram shows the public API surface and how the two APIs relate: Sources: lib/zxcvbn.rb5-17 lib/zxcvbn/tester.rb4-17 The Zxcvbn.test method provides the simplest API for password strength testing. It is suitable for one-off password validations or low-frequency testing scenarios. Returns an OpenStruct containing comprehensive password strength analysis. See Result Object Structure for detailed field documentation.
Basic password test: With user inputs: Strong password: The method exhibits the following behavior: - Creates fresh Tester instance - Each call instantiates a newTester object at lib/zxcvbn.rb14 - Loads dictionaries - The ~20MB dictionary data is loaded from data/zxcvbn.js on every call - JavaScript injection protection - Parameters are automatically JSON-escaped before JavaScript execution at lib/zxcvbn/tester.rb13 - Instance disposal - The Tester instance is garbage collected after the call completes Performance overhead: Each call incurs the cost of loading and parsing ~20MB of dictionary data.
For testing multiple passwords, use Zxcvbn::Tester instead (see Zxcvbn::Tester Class). Use Zxcvbn.test when: - Testing a single password per request - Memory footprint is a concern (no persistent dictionary storage) - Convenience is prioritized over performance - Password testing frequency is low For bulk password testing or high-frequency scenarios, see Zxcvbn::Tester Class. Sources: lib/zxcvbn.rb8-16 lib/zxcvbn/tester.rb12-15 README.md20-30 spec/zxcvbn_spec.rb3-21 The Zxcvbn::Tester class provides a performance-optimized API that persists the dictionary data in memory across multiple password tests. This is the recommended API for bulk password validation or high-frequency testing scenarios.
Creates a new Tester instance and loads the zxcvbn.js library with dictionaries into memory. Memory impact: Adds approximately 20MB to RSS (Resident Set Size) due to dictionary data that persists for the lifetime of the instance. Example: Tests a password using the pre-loaded dictionary data. Returns an OpenStruct with identical structure to Zxcvbn.test . See Result Object Structure.
The following diagram illustrates the performance difference between the two APIs: The key architectural decision is visible at lib/zxcvbn/tester.rb7-10 where the JavaScript context is created during initialization and stored in the @context instance variable, allowing it to persist across multiple test calls at lib/zxcvbn/tester.rb12-15 Use Zxcvbn::Tester when: - Testing multiple passwords in succession - Implementing batch validation workflows - Building password validation services with high request volumes - Performance is critical and 20MB RSS overhead is acceptable - The @context instance variable holds the compiled JavaScript environment with all dictionaries - Memory is released when the Tester instance is garbage collected - In long-running processes (e.g., Rails application), consider the persistent memory cost - For low-frequency testing, Zxcvbn.test may be more appropriate despite lower performance The implementation at lib/zxcvbn/tester.rb13 uses to_json to serialize parameters, which provides automatic escaping protection against JavaScript injection attacks.
This is validated by test cases at spec/zxcvbn_spec.rb35-45 Sources: lib/zxcvbn/tester.rb4-17 README.md32-46 spec/zxcvbn_spec.rb35-45 Both Zxcvbn.test and Zxcvbn::Tester#test return an OpenStruct containing comprehensive password strength analysis. The structure mirrors the output of the original zxcvbn.js library. The result object contains the following fields: The score field uses a 0-4 scale: guesses - Estimated number of attempts needed to crack the passwordguesses_log10 - Logarithmic representation, useful for very large numbers The sequence array contains detected patterns in the password.
Each pattern is a hash with fields that vary by pattern type: Common pattern fields: Dictionary pattern example: Spatial pattern example: Regex pattern example: The crack_times_seconds hash provides estimated crack times in seconds for four attack scenarios: The crack_times_display hash provides human-readable versions: The feedback hash contains user-facing messages: Since the result is an OpenStruct , fields can be accessed using dot notation: As noted in the README at README.md48-51 do not store the complete result object or entropy values in your database.
Storing password strength information can provide attackers with valuable data that makes cracking significantly easier. Only use the result object transiently during password validation.
Sources: README.md26-29 lib/zxcvbn/tester.rb14 spec/zxcvbn_spec.rb6-32 Refresh this wiki - API Reference - API Structure Overview - Zxcvbn.test Method - Method Signature - Parameters - Return Value - Usage Examples - Behavior Details - Performance Characteristics - When to Use - Zxcvbn::Tester Class - Initialization - Test Method - Parameters - Return Value - Usage Example - Performance Comparison - Internal Implementation Details - When to Use - Memory Management Considerations - Security Note - Result Object Structure - Result Fields - Score Values - Guesses Fields - Sequence Field - Crack Times - Feedback Field - Complete Example Result - Result Object Diagram - Accessing Result Fields - Security Warning
People Also Asked
- bitzesty/zxcvbn-js | DeepWiki
- GitHub - bitzesty/zxcvbn-js: Ruby port of Dropboxes zxcvbn javascript ...
- RubyDoc.info: File: README - Documentation for zxcvbn (1.0.0) - RubyDoc ...
- API Reference | bitzesty/zxcvbn-js | DeepWiki
- Zxcvbn - Documentation - Technical Manuals
- Project: zxcvbn - The Ruby Toolbox
bitzesty/zxcvbn-js | DeepWiki?
Creates a new Tester instance and loads the zxcvbn.js library with dictionaries into memory. Memory impact: Adds approximately 20MB to RSS (Resident Set Size) due to dictionary data that persists for the lifetime of the instance. Example: Tests a password using the pre-loaded dictionary data. Returns an OpenStruct with identical structure to Zxcvbn.test . See Result Object Structure.
GitHub - bitzesty/zxcvbn-js: Ruby port of Dropboxes zxcvbn javascript ...?
Loading... Loading... Menu This page provides comprehensive documentation of all public APIs in the zxcvbn-js gem, including method signatures, parameters, return values, and usage examples. For installation and quick start examples, see Getting Started. For architectural details about the Ruby-JavaScript bridge, see Architecture. The zxcvbn-js gem exposes two primary APIs: Zxcvbn.test - Simple co...
RubyDoc.info: File: README - Documentation for zxcvbn (1.0.0) - RubyDoc ...?
The following diagram shows the public API surface and how the two APIs relate: Sources: lib/zxcvbn.rb5-17 lib/zxcvbn/tester.rb4-17 The Zxcvbn.test method provides the simplest API for password strength testing. It is suitable for one-off password validations or low-frequency testing scenarios. Returns an OpenStruct containing comprehensive password strength analysis. See Result Object Structure f...
API Reference | bitzesty/zxcvbn-js | DeepWiki?
Sources: README.md26-29 lib/zxcvbn/tester.rb14 spec/zxcvbn_spec.rb6-32 Refresh this wiki - API Reference - API Structure Overview - Zxcvbn.test Method - Method Signature - Parameters - Return Value - Usage Examples - Behavior Details - Performance Characteristics - When to Use - Zxcvbn::Tester Class - Initialization - Test Method - Parameters - Return Value - Usage Example - Performance Comparison...
Zxcvbn - Documentation - Technical Manuals?
Loading... Loading... Menu This page provides comprehensive documentation of all public APIs in the zxcvbn-js gem, including method signatures, parameters, return values, and usage examples. For installation and quick start examples, see Getting Started. For architectural details about the Ruby-JavaScript bridge, see Architecture. The zxcvbn-js gem exposes two primary APIs: Zxcvbn.test - Simple co...
'/><text x='50%' y='52%' font-family='Arial,Helvetica,sans-serif' font-size='44' fill='white' text-anchor='middle' dominant-baseline='middle'>Gombloh</text></svg>)
