The jQuery Password Strength Meter is a plugin for Twitter Bootstrap that provides rulesets for visualy displaying the quality of a users typed in password.
Dual licensed under the MIT and GPL licenses. You can choose the one that suits your purposes better.
AdminKit is a developer friendly & highly customizable Bootstrap 5 admin template featuring hundreds of UI components, forms, tables, charts and icons. Learn more.
- jQuery 1.7 or higher
- Bootstrap 2, 3, 4 or 5
This plugin currently relies heavily on Bootstrap and it is not possible to use it with another framework without making big changes in the code or forgetting completely about the UI feedback.
Forks to use it with another frameworks that I know of:
Get the latest version through Bower, npm, or just download it from this repository. Load it into your HTML after your original bootstrap and jQuery javascript files:
<script type="text/javascript" src="dist/pwstrength-bootstrap.min.js"></script>Then just invoke the plugin on the password fields you want to attach a strength meter to. For example, to use it on all the password fields with the default examples:
$(":password").pwstrength();To apply it only to one input and change the options:
$("#passwd1").pwstrength({
ui: { showVerdictsInsideProgressBar: true },
});Click here to find the complete list of options for the plugin.
If you are looking for options to change or add new texts, please have a look at the internationalization section.
Once the plugin has been initialized, it is possible to interact with it through the methods.
It is possible to force an update on a password strength meter. It will force
a new score calculation and an update of the UI elements, the onKeyUp
callback will be called.
$("#passwdfield").pwstrength("forceUpdate");This will remove the data associated to the meter, and the UI elements.
$("#passwdfield").pwstrength("destroy");The plugin comes with the functionality to easily define your own custom rules. The format is as follows:
$("#passwdfield").pwstrength(
"addRule",
"ruleName",
function (options, word, score) {},
rule_score,
rule_enabled
);Example:
$("#passwdfield").pwstrength(
"addRule",
"testRule",
function (options, word, score) {
return word.match(/[a-z].[0-9]/) && score;
},
10,
true
);It is possible to change the score given by a rule. It works like this:
$("#passwdfield").pwstrength("changeScore", "wordSequences", -100);That would penalize even more the presence of sequences in the password.
It is also possible to activate or deactivate rules. It as simple as:
$("#passwdfield").pwstrength("ruleActive", "wordSequences", false);That would avoid looking for sequences in the password being tested.
This method allows to make a quick check to test if all password inputs in the page pass a rule, the method returns a boolean value. Example:
$("#passwdfield").pwstrength("ruleIsMet", "wordSequences");The plugin provides three callback functions, onLoad, onKeyUp, and scoreCalculated. You can use them like this:
$(document).ready(function () {
var options = {};
options.common = {
onLoad: function () {
$("#messages").text("Start typing password");
},
onKeyUp: function (evt, data) {
$("#length-help-text").text(
"Current length: " +
$(evt.target).val().length +
" and score: " +
data.score
);
},
onScore: function (options, word, totalScoreCalculated) {
// If my word meets a specific scenario, I want the min score to
// be the level 1 score, for example.
if (
word.length === 20 &&
totalScoreCalculated < options.ui.scores[1]
) {
// Score doesn't meet the score[1]. So we will return the min
// numbers of points to get that score instead.
return options.ui.score[1];
}
// Fall back to the score that was calculated by the rules engine.
// Must pass back the score to set the total score variable.
return totalScoreCalculated;
},
};
$(":password").pwstrength(options);
});The plugin comes with two validation rules deactivated by default. One checks the length of the password and penalizes it if it's too long; and the other checks if the password contains a banned char, and penalizes it if it does.
You can configure the max length of the password by using the option maxChar.
You can also configure the invalid chars by using the option
invalidCharsRegExp.
If you need these restrictions you just need to activate this two rules:
$(document).ready(function () {
var options = {};
options.rules = {
activated: {
wordMaxLength: true,
wordInvalidChar: true,
},
};
$(":password").pwstrength(options);
});The plugin has support for internationalization. It also comes with some example translations, you can find them in the locales folder.
The plugin provides a default implementation of the translation function, but
you can override it using the option i18n.t.
The default implementation will try to make use of the popular i18next front-end translation tool. If you happen to use it, then you only need to add the translations into your resources and load them. The plugin will automatically make use of it. You can find more details about and how to use it i18next in their website. There is also an example in the repository that uses that library.
In case the i18next library is not available, then the default behavior is to return the english texts as a fallback.
You can find the non-rules texts in any of the provided translation example files, and besides what you find there, every rule name is a valid key for the translation file. You can use this to add new error messages (or remove them) for the engine rules.
If you want to manage translations yourself or you don't use i18next you can override the default translation function like this:
$(document).ready(function () {
var options = {};
options.i18n = {
t: function (key) {
var result = translateThisThing(key); // Do your magic here
return result === key ? "" : result; // This assumes you return the
// key if no translation was found, adapt as necessary
},
};
$(":password").pwstrength(options);
});You can find an example of some keys and translations in the locales folder.
There are some examples in the examples directory. Just serve them with any
webserver and check them in your browser. Make sure you serve the examples
directory as the site root. For example:
cd examples
python -m SimpleHTTPServerAnd go to localhost:8000.
Alternatively, you can check-out the examples in a hosted demo.
The build and testing processes rely on Grunt. To use them you need to have node.js and grunt-cli installed on your system. Assuming you have node.js in your Linux system, you'll need to do something like this:
sudo npm install -g grunt-cliNow you have the grunt command line utility installed globally.
To generate the bundle and the minified file you only need to execute this in the project directory:
npm install -d
gruntIt will check the source files, and build a minified version with its
corresponding source map. The generated files will be available in the dist
directory.
To run the tests the only thing you need to do is execute this in the project directory:
npm install -d
grunt testIt will check all the source files with ESLint and run the
tests, which are written with Jasmine. You'll find
the tests source code in the spec directory.
