|
|
|
|
6
|
|
6
|
|
7
|
[Verano 2016 - Ive - Coralys]
|
7
|
[Verano 2016 - Ive - Coralys]
|
8
|
|
8
|
|
9
|
-In almost every instance in which we want to solve a problem, we select among are one or more options that depend on whether certain conditions are met. Computer programs are built to solve problems, therefore they should have a structure that allows them to make decisions and select alternatives. In C++, selections are structured using `if`, `else`, `else if` or `switch`. Relational expressions and logical operators are common when handling selection structures. In this laboratory experience you will practice the use of some of these selection structures by completing the design of an application that determines the strength of a password.
|
|
|
|
|
9
|
+In almost every instance in which we want to solve a problem, we choose among are one or more options that depend on whether certain conditions are met. Computer programs are built to solve problems, therefore they should have a structure that allows them to make decisions and select alternatives. In C++, selections are structured using `if`, `else`, `else if` or `switch`. Relational expressions and logical operators are common when handling selection structures. In this laboratory experience, you will practice the use of some of these selection structures by completing the design of an application that determines the strength of a password.
|
10
|
|
10
|
|
11
|
## Objectives:
|
11
|
## Objectives:
|
12
|
|
12
|
|
|
|
|
|
20
|
|
20
|
|
21
|
1. Reviewed the following concepts:
|
21
|
1. Reviewed the following concepts:
|
22
|
|
22
|
|
23
|
- a. Logical operators.
|
|
|
|
|
23
|
+ a. logical operators.
|
24
|
|
24
|
|
25
|
b. `if`, `else`, `else if`.
|
25
|
b. `if`, `else`, `else if`.
|
26
|
|
26
|
|
|
|
|
|
34
|
|
34
|
|
35
|
---
|
35
|
---
|
36
|
|
36
|
|
37
|
-## Password strength
|
|
|
|
|
37
|
+## Password Strength
|
38
|
|
38
|
|
39
|
-Using strong passwords is essential to securing information. A password is considered strong if it is not cost-effective for a hacker to try and guess it using different methods or brute force. For example, a password that consists of a simple dictionary word, without digits, symbols or uppercase letters, is so easy to decipher that even a caveman could do it.
|
|
|
|
|
39
|
+Using strong passwords is essential to securing information. A password is considered strong if it is not cost-effective for a hacker to try and guess it using multiple methods or brute force. For example, a password that consists of a simple dictionary word, without digits, symbols or uppercase letters, is so easy to decipher that even a caveman could do it.
|
40
|
|
40
|
|
41
|
Since an official system to measure password strength doesn't exist, we will use formulas created by the passwordmeter to evaluate the general strength of a given password [1]. We recommend that you play around a bit with the application in http://passwordmeter.com so that you understand how the application you will be implementing should behave. The strength of the password will be quantified by adding points for using good techniques of password selection (like using symbols and letters), and subtracting points for using bad habits (like only using lowercase letters or consecutive symbols of the same type).
|
41
|
Since an official system to measure password strength doesn't exist, we will use formulas created by the passwordmeter to evaluate the general strength of a given password [1]. We recommend that you play around a bit with the application in http://passwordmeter.com so that you understand how the application you will be implementing should behave. The strength of the password will be quantified by adding points for using good techniques of password selection (like using symbols and letters), and subtracting points for using bad habits (like only using lowercase letters or consecutive symbols of the same type).
|
42
|
|
42
|
|
43
|
The following tables review the added and subtracted values for various criteria in passwords.
|
43
|
The following tables review the added and subtracted values for various criteria in passwords.
|
44
|
|
44
|
|
45
|
|
45
|
|
46
|
-### Assigning points to a password
|
|
|
|
|
46
|
+### Assigning Points to a Password
|
47
|
|
47
|
|
48
|
#### Adding Points:
|
48
|
#### Adding Points:
|
49
|
|
49
|
|
|
|
|
|
67
|
|
67
|
|
68
|
What follows are some additional details and examples for the criteria of **adding points**.
|
68
|
What follows are some additional details and examples for the criteria of **adding points**.
|
69
|
|
69
|
|
70
|
-1. **Number of characters:** this is the simplest criteria. The score will be $$4$$ times the length of the password. For example, `"ab453"` has a count of $$5$$ and a score of $$4 \cdot 5 = 20$$.
|
|
|
|
|
70
|
+1. **Number of Characters:** this is the simplest criteria. The score will be $$4$$ times the length of the password. For example, `"ab453"` has a count of $$5$$ and a score of $$4 \cdot 5 = 20$$.
|
71
|
|
71
|
|
72
|
-2. **Uppercase letters:** the score is $$2 \left(len - n \right)$$ if the password consists of a mix of uppercase letters **and** at least another type of character (lowercase, digits, symbols). If not, the score is $$0$$. For example:
|
|
|
|
|
72
|
+2. **Uppercase Letters:** the score is $$2 \left(len - n \right)$$ if the password consists of a mix of uppercase letters **and** at least another type of character (lowercase, digits, symbols). If not, the score is $$0$$. For example:
|
73
|
|
73
|
|
74
|
a. The score for `"ab453"` would be $$0$$ since it doesn't have uppercase letters (the count is also $$0$$).
|
74
|
a. The score for `"ab453"` would be $$0$$ since it doesn't have uppercase letters (the count is also $$0$$).
|
75
|
|
75
|
|
|
|
|
|
77
|
|
77
|
|
78
|
c. The score for `"SANC8in"` would be $$2 \left(7-4\right) = 6$$ since the password has a length of $$7$$, has $$4$$ uppercase letters, and contains characters of another type (the count is $$4$$).
|
78
|
c. The score for `"SANC8in"` would be $$2 \left(7-4\right) = 6$$ since the password has a length of $$7$$, has $$4$$ uppercase letters, and contains characters of another type (the count is $$4$$).
|
79
|
|
79
|
|
80
|
-3. **Lowercase letters:** the score is $$2 \left(len - n\right)$$ if the password is a mix of lowercase letters **and** at least another type of character (uppercase, digits, symbols). If not, the score is $$0$$. For example:
|
|
|
|
|
80
|
+3. **Lowercase Letters:** the score is $$2 \left(len - n\right)$$ if the password is a mix of lowercase letters **and** at least another type of character (uppercase, digits, symbols). If not, the score is $$0$$. For example:
|
81
|
|
81
|
|
82
|
a. The score for `"ab453"` would be $$2 \left(5-2\right) = 6$$ because the password has a length of$$5$$, has $$2$$ lowercase letters, and contains characters of another type. The count is $$2$$.
|
82
|
a. The score for `"ab453"` would be $$2 \left(5-2\right) = 6$$ because the password has a length of$$5$$, has $$2$$ lowercase letters, and contains characters of another type. The count is $$2$$.
|
83
|
|
83
|
|
|
|
|
|
93
|
|
93
|
|
94
|
c. The score for `801145555` would be $$0$$ because it **only** has digits.
|
94
|
c. The score for `801145555` would be $$0$$ because it **only** has digits.
|
95
|
|
95
|
|
96
|
-5. **Symbols:** The score is $$6n$$ if the password contains $$n$$ symbols. Otherwise, the score is $$0$$. For example:
|
|
|
|
|
96
|
+5. **Symbols:** the score is $$6n$$ if the password contains $$n$$ symbols. Otherwise, the score is $$0$$. For example:
|
97
|
|
97
|
|
98
|
a. The score for `"ab453"` would be $$0$$ because it does not contain symbols.
|
98
|
a. The score for `"ab453"` would be $$0$$ because it does not contain symbols.
|
99
|
|
99
|
|
100
|
- b. The score for `"ALGO!!"` would be $$6 \cdot 2$$ because it contains $$2$$ symbols and contains other types of characters.
|
|
|
|
|
100
|
+ b. The score for `"ALGO!!"` would be $$6 \cdot 2 = 12$$ because it contains $$2$$ symbols and contains other types of characters.
|
101
|
|
101
|
|
102
|
c. The score for `"---><&&"` would be $$6 \cdot 7 = 42$$ because it contains $$7$$ symbols. Note that in the case of symbols, points are given even when there aren't other types of characters.
|
102
|
c. The score for `"---><&&"` would be $$6 \cdot 7 = 42$$ because it contains $$7$$ symbols. Note that in the case of symbols, points are given even when there aren't other types of characters.
|
103
|
|
103
|
|
104
|
-6. **Digits or symbols in the middle:** the score is $$2n$$ if the password has symbols or digits that are not in the first or last position. For example:
|
|
|
|
|
104
|
+6. **Digits or Symbols in the Middle:** the score is $$2n$$ if the password has symbols or digits that are not in the first or last position. For example:
|
105
|
|
105
|
|
106
|
a. The score for `"ab453"` would be $$2 \cdot2 = 4$$ because it has 2 digits that are not in the first or last position, these are `4` and `5`.
|
106
|
a. The score for `"ab453"` would be $$2 \cdot2 = 4$$ because it has 2 digits that are not in the first or last position, these are `4` and `5`.
|
107
|
|
107
|
|
|
|
|
|
109
|
|
109
|
|
110
|
c. The score for `S&c8i7o!` would be $$2 \cdot 3 = 6$$ because it has $$3$$ symbols or digits in the middle, these are `&`, 8`, and `7`.
|
110
|
c. The score for `S&c8i7o!` would be $$2 \cdot 3 = 6$$ because it has $$3$$ symbols or digits in the middle, these are `&`, 8`, and `7`.
|
111
|
|
111
|
|
112
|
-7. **Requisites:** The score is $$2n$$ only if the length criteria **and** 3 or 4 of the other criteria are met, where $$n$$ is the number of *criteria* that are met. The criteria are:
|
|
|
|
|
112
|
+7. **Requisites:** the score is $$2n$$ only if the length criteria **and** 3 or 4 of the other criteria are met, where $$n$$ is the number of *criteria* that is met. The criteria are:
|
113
|
|
113
|
|
114
|
a. The password must have 8 or more characters of length.
|
114
|
a. The password must have 8 or more characters of length.
|
115
|
|
115
|
|
|
|
|
|
132
|
iii. The score for `"abAB99!!"` would be $$2 \cdot 5 = 10$$ because the length criteria and the other 4 criteria are met.
|
132
|
iii. The score for `"abAB99!!"` would be $$2 \cdot 5 = 10$$ because the length criteria and the other 4 criteria are met.
|
133
|
|
133
|
|
134
|
|
134
|
|
135
|
-#### Subtracting points
|
|
|
|
|
135
|
+#### Subtracting Points
|
136
|
|
136
|
|
137
|
---
|
137
|
---
|
138
|
|
138
|
|
|
|
|
|
151
|
|
151
|
|
152
|
The following are additional details and examples of the criteria for **subtracting points**.
|
152
|
The following are additional details and examples of the criteria for **subtracting points**.
|
153
|
|
153
|
|
154
|
-1. **Letters only:** The score is $$-len$$ for a password that consists of letters only, otherwise it is $$0$$. For example:
|
|
|
|
|
154
|
+1. **Letters Only:** the score is $$-len$$ for a password that consists of letters only, otherwise it is $$0$$. For example:
|
155
|
|
155
|
|
156
|
a. The score for `"ab453"` would be $$0$$ since it contains letters and numbers.
|
156
|
a. The score for `"ab453"` would be $$0$$ since it contains letters and numbers.
|
157
|
|
157
|
|
158
|
b. The score for `"Barrunto"` would be $$-8$$ since it only contains letters and its length is $$8$$.
|
158
|
b. The score for `"Barrunto"` would be $$-8$$ since it only contains letters and its length is $$8$$.
|
159
|
|
159
|
|
160
|
-2. **Digits only:** The score is $$-len$$ for a password that consists of digits only, otherwise it is $$0$$. For example:
|
|
|
|
|
160
|
+2. **Digits Only:** the score is $$-len$$ for a password that consists of digits only, otherwise it is $$0$$. For example:
|
161
|
|
161
|
|
162
|
a. The score for `"ab453"` would be $$0$$ since it contains only letters and numbers.
|
162
|
a. The score for `"ab453"` would be $$0$$ since it contains only letters and numbers.
|
163
|
|
163
|
|
164
|
- b. The score for `"987987987”` would be $$-9$$ since it contains only digits and its length is $$9$$.
|
|
|
|
|
164
|
+ b. The score for `"987987987"` would be $$-9$$ since it contains only digits and its length is $$9$$.
|
165
|
|
165
|
|
166
|
-3. **Consecutive uppercase letters:** The score is $$-2n$$ where $$n$$ is the number of uppercase letters that follow another uppercase letter. For example,
|
|
|
|
|
166
|
+3. **Consecutive Uppercase Letters:** the score is $$-2n$$ where $$n$$ is the number of uppercase letters that follow another uppercase letter. For example,
|
167
|
|
167
|
|
168
|
a. the score for `"DB453"` would be $$-2 \cdot 1 = -2$$ since it only contains one uppercase letter (`B`) that follows another uppercase letter.
|
168
|
a. the score for `"DB453"` would be $$-2 \cdot 1 = -2$$ since it only contains one uppercase letter (`B`) that follows another uppercase letter.
|
169
|
|
169
|
|
170
|
b. the score for `"TNS1PBMA"` would be $$-2 \cdot 5 = -10$$ since it contains 5 uppercase letters (`N`, `S`, `B`, `M`, `A`) that follow another uppercase letter.
|
170
|
b. the score for `"TNS1PBMA"` would be $$-2 \cdot 5 = -10$$ since it contains 5 uppercase letters (`N`, `S`, `B`, `M`, `A`) that follow another uppercase letter.
|
171
|
|
171
|
|
172
|
-4. **Consecutive lowercase letters:** The same as for criteria #3, but for lowercase letters.
|
|
|
|
|
172
|
+4. **Consecutive Lowercase Letters:** the same as for criteria #3, but for lowercase letters.
|
173
|
|
173
|
|
174
|
-5. **Consecutive digits:** The same as for criteria #3, but for digits.
|
|
|
|
|
174
|
+5. **Consecutive Digits:** the same as for criteria #3, but for digits.
|
175
|
|
175
|
|
176
|
|
176
|
|
177
|
---
|
177
|
---
|
|
|
|
|
197
|
|
197
|
|
198
|
---
|
198
|
---
|
199
|
|
199
|
|
200
|
-## Laboratory session:
|
|
|
|
|
200
|
+## Laboratory Session:
|
201
|
|
201
|
|
202
|
In this laboratory experience you will practice the use of mathematical expressions and selection structures to compute the score for the strength of a password combining the points for the individual criteria.
|
202
|
In this laboratory experience you will practice the use of mathematical expressions and selection structures to compute the score for the strength of a password combining the points for the individual criteria.
|
203
|
|
203
|
|
|
|
|
|
210
|
|
210
|
|
211
|
|
211
|
|
212
|
|
212
|
|
213
|
-### Exercise 1 - Familiarize yourself with the pre-defined functions
|
|
|
|
|
213
|
+### Exercise 1 - Familiarize Yourself with the Pre-defined Functions
|
214
|
|
214
|
|
215
|
The first step in this laboratory experience is to familiarize yourself with the functions that are pre-defined in the code. You will call these functions as part of your own code to compute the score of the various password strength criteria.
|
215
|
The first step in this laboratory experience is to familiarize yourself with the functions that are pre-defined in the code. You will call these functions as part of your own code to compute the score of the various password strength criteria.
|
216
|
|
216
|
|
217
|
-#### Instructions:
|
|
|
|
|
217
|
+#### Instructions
|
218
|
|
218
|
|
219
|
1. Load the project `PassworStrength` into `QtCreator`. There are two ways to do this:
|
219
|
1. Load the project `PassworStrength` into `QtCreator`. There are two ways to do this:
|
220
|
|
220
|
|
|
|
|
|
228
|
* `psfunctions.h` : contains the prototypes for the functions defined in `psfunctions.cpp`.
|
228
|
* `psfunctions.h` : contains the prototypes for the functions defined in `psfunctions.cpp`.
|
229
|
|
229
|
|
230
|
|
230
|
|
231
|
-### Exercise 2 - Understand the functions to update the user's graphical interface.
|
|
|
|
|
231
|
+### Exercise 2 - Understand the Functions to Update the User's Graphical Interface.
|
232
|
|
232
|
|
233
|
In the laboratory exercise you will write code to calculate the score associated to each one of the criteria in the tables for adding and subtracting points shown above. These scores should be updated in the user's graphical interface that is shown in Figure 1.
|
233
|
In the laboratory exercise you will write code to calculate the score associated to each one of the criteria in the tables for adding and subtracting points shown above. These scores should be updated in the user's graphical interface that is shown in Figure 1.
|
234
|
|
234
|
|
|
|
|
|
303
|
```
|
303
|
```
|
304
|
|
304
|
|
305
|
|
305
|
|
306
|
-### Exercise 3 - Compute the score for the criteria and the total score for the password
|
|
|
|
|
306
|
+### Exercise 3 - Compute the Score for the Criteria and the Total Score for the Password
|
307
|
|
307
|
|
308
|
The code that we're providing you contains the functions that compute the count for the majority of the criteria and whose names reflect what they do and what the function returns. For example, `countUppercase`, return the number of characters that are uppercase letters.
|
308
|
The code that we're providing you contains the functions that compute the count for the majority of the criteria and whose names reflect what they do and what the function returns. For example, `countUppercase`, return the number of characters that are uppercase letters.
|
309
|
|
309
|
|
|
|
|
|
338
|
In the project's code you will find examples of how to calculate the first two positive criteria: the number of characters in the password and the numbers of uppercase letters. You can compile and execute the example so you can see the working interface with these two criteria. Part of your task is to add the code to compute the score for the remaining criteria. Remember that you should accumulate the total score and invoke the functions to update the graphical interface.
|
338
|
In the project's code you will find examples of how to calculate the first two positive criteria: the number of characters in the password and the numbers of uppercase letters. You can compile and execute the example so you can see the working interface with these two criteria. Part of your task is to add the code to compute the score for the remaining criteria. Remember that you should accumulate the total score and invoke the functions to update the graphical interface.
|
339
|
|
339
|
|
340
|
|
340
|
|
341
|
-### Exercise 4 - Determine and display the password's strength
|
|
|
|
|
341
|
+### Exercise 4 - Determine and Display the Password's Strength
|
342
|
|
342
|
|
343
|
The user will input the password in the top section of the graphical interface. Below appears the *report* that contains the different criteria, the count for each criteria, and the individual score for the criteria. This report will be updated as the user inputs the password's characters. The total score will be the sum of all of the points (addition and subtraction) of the individual criteria.
|
343
|
The user will input the password in the top section of the graphical interface. Below appears the *report* that contains the different criteria, the count for each criteria, and the individual score for the criteria. This report will be updated as the user inputs the password's characters. The total score will be the sum of all of the points (addition and subtraction) of the individual criteria.
|
344
|
|
344
|
|
|
|
|
|
361
|
|
361
|
|
362
|
## Deliverables
|
362
|
## Deliverables
|
363
|
|
363
|
|
364
|
-Use "Deliverable" in Moodle to upload the `readpassword.cpp` file that contains the code with the computation for the score of the individual criteria, the final score, the function calls to update the graphical interface, the password's classification and the display functions. Remember to use good programming techniques, by including the name of the programmers involved, and documenting your program.
|
|
|
|
|
364
|
+Use "Deliverable" in Moodle to upload the `readpassword.cpp` file that contains the code with the computation for the score of the individual criteria, the final score, the function calls to update the graphical interface, the password's classification and the displayed functions. Remember to use good programming techniques, include the name of the programmers involved, and document your program.
|
365
|
|
365
|
|
366
|
|
366
|
|
367
|
|
367
|
|