password strength function with zxcvbn

src/abstractions/passwordGeneration.service.ts

@@ -8,4 +8,5 @@ export abstract class PasswordGenerationService {
     getHistory: () => Promise<GeneratedPasswordHistory[]>;
     addHistory: (password: string) => Promise<any>;
     clear: () => Promise<any>;
+    passwordStrength: (password: string, userInputs?: string[]) => zxcvbn.ZXCVBNResult;
 }

src/angular/components/register.component.ts

@@ -7,6 +7,7 @@ import { ApiService } from '../../abstractions/api.service';
 import { AuthService } from '../../abstractions/auth.service';
 import { CryptoService } from '../../abstractions/crypto.service';
 import { I18nService } from '../../abstractions/i18n.service';
+import { PasswordGenerationService } from '../../abstractions/passwordGeneration.service';
 import { PlatformUtilsService } from '../../abstractions/platformUtils.service';
 import { StateService } from '../../abstractions/state.service';
 
@@ -20,13 +21,16 @@ export class RegisterComponent {
     hint: string = '';
     showPassword: boolean = false;
     formPromise: Promise<any>;
+    masterPasswordScore: number;
 
     protected successRoute = 'login';
+    private masterPasswordStrengthTimeout: any;
 
     constructor(protected authService: AuthService, protected router: Router,
         protected i18nService: I18nService, protected cryptoService: CryptoService,
         protected apiService: ApiService, protected stateService: StateService,
-        protected platformUtilsService: PlatformUtilsService) { }
+        protected platformUtilsService: PlatformUtilsService,
+        protected passwordGenerationService: PasswordGenerationService) { }
 
     async submit() {
         if (this.email == null || this.email === '') {
@@ -55,6 +59,16 @@ export class RegisterComponent {
             return;
         }
 
+        const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword, null);
+        if (strengthResult != null && strengthResult.score < 3) {
+            const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),
+                this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),
+                'warning');
+            if (!result) {
+                return;
+            }
+        }
+
         this.name = this.name === '' ? null : this.name;
         this.email = this.email.trim().toLowerCase();
         const kdf = KdfType.PBKDF2_SHA256;
@@ -87,4 +101,14 @@ export class RegisterComponent {
         this.showPassword = !this.showPassword;
         document.getElementById(confirmField ? 'masterPasswordRetype' : 'masterPassword').focus();
     }
+
+    updatePasswordStrength() {
+        if (this.masterPasswordStrengthTimeout != null) {
+            clearTimeout(this.masterPasswordStrengthTimeout);
+        }
+        this.masterPasswordStrengthTimeout = setTimeout(() => {
+            const strengthResult = this.passwordGenerationService.passwordStrength(this.masterPassword, null);
+            this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;
+        }, 300);
+    }
 }

src/services/passwordGeneration.service.ts

@@ -1,3 +1,5 @@
+import * as zxcvbn from 'zxcvbn';
+
 import { CipherString } from '../models/domain/cipherString';
 import { GeneratedPasswordHistory } from '../models/domain/generatedPasswordHistory';
 
@@ -240,6 +242,20 @@ export class PasswordGenerationService implements PasswordGenerationServiceAbstr
         return await this.storageService.remove(Keys.history);
     }
 
+    passwordStrength(password: string, userInputs: string[] = null): zxcvbn.ZXCVBNResult {
+        if (password == null || password.length === 0) {
+            return null;
+        }
+        let globalUserInputs = ['bitwarden', 'bit', 'warden'];
+        if (userInputs != null) {
+            globalUserInputs = globalUserInputs.concat(userInputs);
+        }
+        // Use a hash set to get rid of any duplicate user inputs
+        const finalUserInputs = Array.from(new Set(globalUserInputs));
+        const result = zxcvbn(password, finalUserInputs);
+        return result;
+    }
+
     private async encryptHistory(history: GeneratedPasswordHistory[]): Promise<GeneratedPasswordHistory[]> {
         if (history == null || history.length === 0) {
             return Promise.resolve([]);