|
|
|
|
|
|
by zamadatix
1136 days ago
|
|
|
As noted excuse the basic check functions and use whatever you actually want for check criteria and the amount of work on the server side is still a factor <1 compared to writing that and then a different check on the server. If your password check logic is 50x the size of that though you might be overdoing it, but that's just an opinion. Again I'd argue you should really be validating server side as well anyways, fewer chances to mess something up and accept a weak password. |
|
|
I'm not saying not to reuse things, because I specifically think it should be two separate functions on the client, one of which is copied to the server. But if you insist on having only one client function, I think the server function should be cut down.
And the premise is doing client-only advice on strength so I'm not going to challenge that premise.
As far as 50x, your code doesn't need those consts saying the exact same thing as the results object, so that simplifies to 8 lines, and I think 400 lines for a good password estimator isn't unreasonable. zxcvbn's scoring function is around that size.