Password Strength Evaluation

Objective:

We have learned the basic C++ features needed to write structured programs so we can begin to focus more on program design and problem solution. The object of this assignment is to analyze a problem, design a solution, then write a program to solve it. You are to design and write a program to perform password strength analysis by looking up a password in a common password table and/or calculating its strength rating by calculating the "entropy" of a password.

Instructions:

1. Ask the user to enter any password to have its strength checked.

• If the user enters 'quit' exit the program.
• If the user presses enter with an empty line, ask for the password again.

2. Make sure the entered password is not in a list of common passwords.

• The common password list is in a file named commonPasswords.dat
• Download commonPasswords.dat
• Do not ask the user to enter this filename...code it into your program. WARNING: The common password list is built from real-life password data and contains profanity, so if that would offend you do not visually examine the passwords in the list and do not enter profanity as passwords to test the program!
• The first entry in the common password file is the number of elements in the list.
• You are to read this number from the file, then dynamically allocate a common password array to exactly the right size.
• Read the data from the file into the array then close the file.

3. If the password is in the list, display its position in the list and reject it because it is a common password.

4. For passwords that are not rejected in the previous step:

• Calculate the entropy of the password using the formula below.
• Output the password strength rating based on its entropy using the Strength Rating table below.

5. For this program we will assume that passwords can consist of lower case, upper case, digits and special characters.

Challenge (optional):

If the user presses 'enter' with an empty line, randomly generate and display a "Strong" password (Entropy >= 60 but <128), then calculate and output the actual entropy of the password.

E = log(RL) Or Log2(RL)
L = The Length Of The Password*
R = The Sum Of The Character Pools Represented In The Password According To The Following Table*:

*For example:

• If only lower case letters are allowed, "further", R = 26, L=7.
• If upper and lower case are allowed: "Further", R = 52, L=7.
• If lower case, upper case and digits are allowed, "Furth3r", R = 62, L=7.
• If lower case, upper case, digits and specials are allowed: "F^rth3r", R = 94, L = 7.

NOTE: For this program we will assume that passwords can consist of lower case, upper case, digits and special characters.

Strength Rating:

Sample Output:

Enter a password to determine its strength ('quit' to exit):
further
Password 'further' strength is: Weak

Enter a password to determine its strength ('quit' to exit):
Father
Password 'Father' strength is: Weak

Enter a password to determine its strength ('quit' to exit):
Furth3r
Password 'Furth3r' strength is: Reasonable

Enter a password to determine its strength ('quit' to exit):
F^rth3r
Password 'F^rth3r' strength is: Reasonable

Enter a password to determine its strength ('quit' to exit):
e3tf5$E3-=
Password 'e3tf5$E3-=' strength is: Strong

Enter a password to determine its strength ('quit' to exit):
charles
Password 'charles' ranks 218 in common password list.

Enter a password to determine its strength ('quit' to exit):
1qa2ws
Password '1qa2ws' ranks 5722 in common password list.

Enter a password to determine its strength ('quit' to exit):
1234qwer
Password '1234qwer' ranks 109 in common password list.

Enter a password to determine its strength ('quit' to exit):
quit