diff --git a/install/web.js b/install/web.js index 097d3eb9b6..ed87011440 100644 --- a/install/web.js +++ b/install/web.js @@ -50,6 +50,7 @@ var scripts = [ 'public/vendor/xregexp/unicode/unicode-base.js', 'public/src/utils.js', 'public/src/installer/install.js', + 'node_modules/zxcvbn/dist/zxcvbn.js', ]; var installing = false; @@ -131,6 +132,7 @@ function welcome(req, res) { success: success, values: req.body, minimumPasswordLength: defaults.minimumPasswordLength, + minimumPasswordStrength: defaults.minimumPasswordStrength, installing: installing, }); } diff --git a/public/src/installer/install.js b/public/src/installer/install.js index 6c912f00ac..ba8efa7261 100644 --- a/public/src/installer/install.js +++ b/public/src/installer/install.js @@ -1,5 +1,6 @@ 'use strict'; +/* global zxcvbn */ $('document').ready(function () { setupInputs(); @@ -75,6 +76,9 @@ $('document').ready(function () { } else if (field.length < $('[name="admin:password"]').attr('data-minimum-length')) { parent.addClass('error'); help.html('Password is too short.'); + } else if (zxcvbn(field).score < parseInt($('[name="admin:password"]').attr('data-minimum-strength'), 10)) { + parent.addClass('error'); + help.html('Password is too weak.'); } else { parent.removeClass('error'); } diff --git a/src/views/install/index.tpl b/src/views/install/index.tpl index 4f2f87cf46..aab7d7e253 100644 --- a/src/views/install/index.tpl +++ b/src/views/install/index.tpl @@ -72,7 +72,7 @@ <div class="row input-row"> <div class="col-sm-7 col-xs-12 input-field"> <label for="admin:password">Password</label> - <input type="password" class="form-control" name="admin:password" value="<!-- IF admin:password -->{admin:password}<!-- ENDIF admin:password -->" placeholder="Password" data-minimum-length="{minimumPasswordLength}" /> + <input type="password" class="form-control" name="admin:password" value="<!-- IF admin:password -->{admin:password}<!-- ENDIF admin:password -->" placeholder="Password" data-minimum-strength="{minimumPasswordStrength}" data-minimum-length="{minimumPasswordLength}" /> </div> <div class="col-sm-5 help-text" data-help="Use a combination of numbers, symbols, and different cases. You can change the strictness of password creation in the Admin Control Panel. Minimum {minimumPasswordLength} characters."></div> </div>