|
我曾經介紹過一種保護用戶口令的方法。但是有些讀者提意見說,許多用戶使用很容易被猜出來的口令,因此有很多口令是不值得去保護的。為什么在用戶使用他們的寵物的名字和他們的生日作為口令時卻盡力精心的保護這些口令呢?你能夠而且應該執行一種更強的口令策略。在本期專欄,我將告訴你如何使用javascript。
口令策略是一組規則,用來確定哪些口令可以接受,哪些不能接受。典型的策略要求口令長度為八個字符,包含至少一個字母、一個數字和一個特殊字符,而且這些字符都應該是可打印字符。
這個口令檢查腳本執行三項檢查。如果三項中有任何一項不符合要求,它都會向用戶提示錯誤。
確保口令長度符合規定。
確保口令中只有字母、數字和特殊字符。
確保口令中至少有一個字母、一個數字和一個特殊字符。
首先在頭部< head> < /head>中加入以下內容:
< SCRIPT LANGUAGE="javascript" SRC="pwpolicy.js">
< /SCRIPT>
< SCRIPT LANGUAGE="javascript" SRC="pwchecker.js">
< /SCRIPT>
你可以像下面這樣設置“選擇標識和口令”按鈕的onClick句柄,以調用口令檢查腳本:
< INPUT TYPE="BUTTON" NAME="pwButton" VALUE="Select ID and Password"
onClick="checkPassword(´pwForm´,´pwField´)">
checkPassword()函數在pwchecker.js中定義。第二個.js文件pwpolicy.js指定口令策略。
// Passwordchecker
// This is the main password checking function.
function checkPassword(formName,passwordFieldName) {
pw = window.document.forms[formName].elements[passwordFieldName].value
if(checkPasswordLength(pw))
if(checkPasswordCharsAllowed(pw))
if(checkMinPasswordChars(pw))
window.document.forms[formName].submit();
}
// Check to make sure the password is at least minChars characters long.
function checkPasswordLength(pw) {
if(pw.lengthalert("Your password is less than "+minChars+" characters!")
alert("You must choose a password that is at least "+minChars+" characters in length.")
return false
}
return true
}
// Check to make sure that all of the characters in the password are allowed.
function checkPasswordCharsAllowed(pw) {
for(var i=0;ivar ch = pw.charAt(i);
if((isAlpha(ch) && !lettersAllowed)) {
alert("Your password contains a letter!")
alert("Letters are not allowed in passwords.")
return false
}else if(isNumber(ch) && !numbersAllowed) {
alert("Your password contains a number!")
alert("Numbers are not allowed in passwords.")
return false
}else if(isSpecial(ch) && !specialAllowed) {
alert("Your password contains a special character!")
alert("Special characters are not allowed in passwords.")
return false
}else if(!isAlpha(ch) && !isNumber(ch) && !isSpecial(ch)) {
alert("Your password contains a non-printable character!")
alert("Non-printable characters are not allowed in passwords.")
return false
}
}
return true
}
// Check to make sure the password has the required number of alphabetic, numeric, and
// special characters.
function checkMinPasswordChars(pw) {
var alpha = 0
var numeric = 0
var special = 0
for(var i=0;ivar ch = pw.charAt(i)
if(isAlpha(ch)) ++alpha
else if(isNumber(ch)) ++numeric
else if(isSpecial(ch)) ++special
}
var errMsg = "Your password does not contain the minimum number "
if(alpha < minLetters) {
errMsg += "(" + minLetters + ") "
errMsg += "of alphabetic characters!"
alert(errMsg)
return false
}else if(numeric < minNumbers) {
errMsg += "(" + minNumbers + ") "
errMsg += "of numeric characters!"
alert(errMsg)
return false
}else if(special < minSpecial) {
errMsg += "(" + minSpecial + ") "
errMsg += "of special characters!"
alert(errMsg)
return false
}
return true
}
// Functions used for character identification.
function isAlpha(ch) {
if(ch >= "a" && ch <= "z") return true
if(ch >= "A" && ch <= "Z") return true
return false
}
function isNumber(ch) {
if(ch >= "0" && ch <= "9") return true
return false
}
function isSpecial(ch) {
var special = new Array("!",""","#","$","%","&","´","(",")","*","+",",","-",".","/",
":",";","<","=",">","?","@","[","\","]","^","_","`","{","|","}","~")
for(var i=0;iif(ch == special[i]) return true
return false
}
// Password policy
var minChars = 8
var lettersAllowed = true
var numbersAllowed = true
var specialAllowed = true
var minLetters = 1
var minNumbers = 1
var minSpecial = 1
|
