Active Password Checker - Assignment Four

CSCD 434 Network Security

Due: May 18th 100 points

Background
The purpose of an active password checker is to prevent the user from selecting a password or pass phrase that is easily guessed. This may be done by comparing potential passwords with a dictionary examining the mix of characters selected. Other features include suggesting appropriate passwords that include special characters or whatever the password policy is for a particular system.

Features
1. Ensure that the characters chosen for passwords are drawn from a sufficiently large set. Select a set of rules governing the characters that may be chosen, for example:

At least one punctuation character
At least one upper case
At least one lower case
At least one digit
7 - 8 characters total

2. Improve the chances that the password does not fall into one of the "easy to guess" category. Use a dictionary of bad passwords and a rule base, so that you exclude passwords that match:

Words in the bad password dictionary. This is a dictionary that you construct containing at least 30 bad passwords.
Exclude common variations of dictionary words.
Reverse of dictionary words
Reflections of dictionary words (Example: doggod)

3. You should have a primitive interface for allowing users to turn off or on the features above. For example, should be possible to check just words without worrying about their reflections.

4. Add a suggest feature that lets you suggest a password for the user to use.

If you do just the above amount of work, you will get most of the credit. To get full credit you must use a dictionary file as suggested below.

Full Credit
Use a real dictionary to check passwords against instead of the limited bad password list suggested above. Links to a free dictionary file are: Dictionary File - Cerias More Dictionary Files - Outpost 9

You might find other dictionary files that would work too.

Turn In

Documentation: (1) Brief description of the program. (2) How to Compile it. (3) How to run it including Operating System.

Test Results: Test cases - documentation of how it works. Test each feature to show it works as expected. Capture results in a text file.

Source Code and Executable: Include all files needed to compile it in a Linux or Windows environment (without .Net)