비밀번호 정책 테스터
사용자 지정 정책 규칙으로 비밀번호를 테스트합니다(길이, 복잡성, 금지 단어).
정책 규칙
자주 묻는 질문
코드 구현
import re
from dataclasses import dataclass, field
from typing import Optional
@dataclass
class PasswordPolicy:
min_length: int = 8
max_length: int = 128
require_uppercase: bool = True
require_lowercase: bool = True
require_digit: bool = True
require_symbol: bool = True
min_unique_chars: int = 5
forbidden_patterns: list[str] = field(default_factory=lambda: [
r"(..)\1{2,}", # repeated two-char block 3+ times
r"(.)\1{3,}", # same char 4+ times in a row
r"(?i)password", # literal word "password"
r"(?i)qwerty",
])
symbol_chars: str = r"!@#$%^&*()-_=+[]{}|;':",./<>?"
@dataclass
class PolicyResult:
passed: bool
violations: list[str] = field(default_factory=list)
score: int = 0 # 0-100
def check_password(password: str, policy: Optional[PasswordPolicy] = None) -> PolicyResult:
if policy is None:
policy = PasswordPolicy()
violations: list[str] = []
score = 0
# Length checks
if len(password) < policy.min_length:
violations.append(f"Too short: minimum {policy.min_length} characters")
elif len(password) >= policy.min_length:
score += 25
if len(password) > policy.max_length:
violations.append(f"Too long: maximum {policy.max_length} characters")
# Character class checks
if policy.require_uppercase and not re.search(r"[A-Z]", password):
violations.append("Must contain at least one uppercase letter")
else:
score += 15
if policy.require_lowercase and not re.search(r"[a-z]", password):
violations.append("Must contain at least one lowercase letter")
else:
score += 15
if policy.require_digit and not re.search(r"\d", password):
violations.append("Must contain at least one digit")
else:
score += 15
if policy.require_symbol and not re.search(
f"[{re.escape(policy.symbol_chars)}]", password
):
violations.append("Must contain at least one symbol")
else:
score += 15
# Unique characters
if len(set(password)) < policy.min_unique_chars:
violations.append(f"Must use at least {policy.min_unique_chars} different characters")
else:
score += 15
# Forbidden patterns
for pattern in policy.forbidden_patterns:
if re.search(pattern, password):
violations.append(f"Contains forbidden pattern: {pattern}")
passed = len(violations) == 0
return PolicyResult(passed=passed, violations=violations, score=min(score, 100))
# Example usage
if __name__ == "__main__":
tests = ["abc", "Password1!", "C0rrectH0rseBatteryStaple!"]
policy = PasswordPolicy(min_length=12)
for pwd in tests:
result = check_password(pwd, policy)
print(f"{pwd!r}: passed={result.passed}, score={result.score}")
for v in result.violations:
print(f" - {v}")Comments & Feedback
Comments are powered by Giscus. Sign in with GitHub to leave a comment.