File Name
https://twitter.com/helvdog/status/308958348647206913
<helvdog> @solardiz Just wrote PHP version of passwdqc-check.c usable as a AJAX password strength checker. Interested in the code?
<@solardiz> @helvdog Yes, I'd like to take a look at your PHP version of passwdqc-check.c usable as a AJAX password strength checker. Thanks!
<@helvdog> @solardiz https://github.com/helver/PHP_passwdqc_check Be gentle. My ego is fragile.
<@solardiz> @helvdog Thanks! Are the pass/fail results from your PHP code meant to always match those of passwdqc_check.c? What testing did you perform?
<@helvdog> @solardiz My testing was not thorough. Mostly eyeballs and small samples. Do you have a test suite with results that I could run against?
<@solardiz> @helvdog You may also run both C and PHP on randomly generated strings for a long while and spot any different results
<@helvdog> @solardiz *grin* Yeah... I can do that. gonna take awhile though. The PHP code is not fast...
<@solardiz> @helvdog How fast is your code, e.g. in ms to check a typical good password on a modern CPU core with current versions of PHP?
<@helvdog> @solardiz I'm going to find out...
GenPhrase is based on passwdqc's pwqgen program, by Timo H
https://github.com/timoh6/GenPhrase
https://packagist.org/packages/genphrase/genphrase
http://timoh6.github.io/2014/08/20/GenPhrase-security-bug-bounties.html