Overview¶

This Python package was built with the intention of implementing most of the recommendations in NIST Special Publication 800-63-2, titled “Electronic Authentication Guideline”. This is the link for the document: http://dx.doi.org/10.6028/NIST.SP.800-63-2 (if the link doesn’t work, you can download the document from here)

The main reason behind this implementation is to cover the need to check if passwords or pass-phrases meet minimum requirements in the system that uses it; Since “strong password” is mostly used in a subjective manner, I felt the need of a more research-based way of determining how strong or weak a password is. And this publication by NIST seemed to be the best resource available for this.

The first published version will contain checkers for levels 1 and 2 for Memorized Secret Tokens, but the intention is to organically grow the package and include implementation for other recommendations, and not only token verification.

Overview¶

Related Topics

This Page