Singulink.Cryptography.PasswordChecker 0.11.0

Prefix Reserved
.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. .NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package Singulink.Cryptography.PasswordChecker --version 0.11.0
                    


                    

                
NuGet\Install-Package Singulink.Cryptography.PasswordChecker -Version 0.11.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Singulink.Cryptography.PasswordChecker" Version="0.11.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Singulink.Cryptography.PasswordChecker" Version="0.11.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Singulink.Cryptography.PasswordChecker" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Singulink.Cryptography.PasswordChecker --version 0.11.0
                    


                    

                
#r "nuget: Singulink.Cryptography.PasswordChecker, 0.11.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Singulink.Cryptography.PasswordChecker@0.11.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Singulink.Cryptography.PasswordChecker&version=0.11.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Singulink.Cryptography.PasswordChecker&version=0.11.0
                    


                            Install as a Cake Tool

Singulink.Cryptography.PasswordChecker

Chat on Discord View nuget packages Build and Test

Password Checker uses algorithms similar to dictionary attack password generators but in reverse - instead of generating passwords, it uses a matching rule system to check if the password follows a common password pattern with the most commonly used password words/phrases that dictionary attacks use to generate passwords, taking into account contextual information like your app/service name and the user's information (name, email address, etc). This makes it easy to detect passwords that are vulnerable to simple dictionary attacks and follow the latest NIST password guidelines, giving your users lots of flexibility when choosing their passwords while still protecting them, without having to maintain specialized password dictionaries.

We are a small team of engineers and designers dedicated to building beautiful, functional, and well-engineered software solutions. We offer very competitive rates as well as fixed-price contracts and welcome inquiries to discuss any custom development / project support needs you may have.

This package is part of our Singulink Libraries collection. Visit https://github.com/Singulink to see our full list of publicly available libraries and other open-source projects.

🚧 UNDER DEVERLOPMENT 🚧

Project is currently in beta and still needs to be properly documented but you are welcome to use it as you see fit.

Installation

The package is available on NuGet - simply install the Singulink.Cryptography.PasswordChecker package.

Supported Runtimes: Everywhere .NET Standard 2.0 is supported, including:

  • .NET
  • .NET Framework
  • Mono / Xamarin

End-of-life runtime versions that are no longer officially supported are not tested or supported by this library.

Usage

Password Checker is inteded to be used together with something like the Have I Been Pwned password database to disallow the use of top leaked passwords (or all leaked passwords) and rate-limiting (as per NIST guidelines) to get comprehensive dictionary attack protection. See our Pwned client/server implementation if you would like to self-host a pwned password lookup service internally.

More documentation is coming soon, but for now you can have a look at the tests to get an idea of how checking passwords works.

The default PasswordMatchersProvider implementation returns a set of matchers that cover the most easily dictionary attacked password patterns using curated common password data in CommonMatchers and contextual subjects you provide (i.e. the name of your service, the user's name / email address / etc). It matches with the top ~100 most common password words used in an easily predictable order.

If the check returns a match, you should display a message to the user something along the lines of "Password matches our dictionary of contextual and top 100 common word variations in a predictable order. Please add a word or two (uncommon words preferred) to your password to make it less predictable and succeptible to attacks". You can optionally display the list of matched texts to the user so they can see the simplified version of the text their password variation matched to.

The library is written to be extensible, so you can easily add your own matchers or override the default ones if you want to customize the behavior.

Further Reading

API to be documented soon...

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net8.0-windows10.0.19041 is compatible.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
0.13.0 131 7/6/2025
0.12.0 135 7/6/2025
0.11.0 67 7/5/2025
0.10.0 70 7/4/2025
0.9.0 70 7/4/2025