Projects/OWASP Passfault/Roadmap

Release 0.8
Goal: preparation for ESAPI
 * More meaningful word lists
 * Frequency lists: build lists of the most common words, names
 * ESAPI Authenticator Decorator
 * Implement an ESAPI Authenticator that will enhance an existing authenticator with passfault implementing the "verifyPasswordStrength" method.
 * A volunteer force from university of Florida has built this. All that remains is to get it into ESAPI.

Release 1.0
Goals: Enterprise Ready - UI improvements for learning better password strategies - Easier to configure and run, not requiring a developer to wire things up.

Other Important Goals

 * Javascript library generated by GWT and GWT Export. Do you know GWT?  Please help us build a javascript version of passfault using GWT Exporter: https://code.google.com/p/gwt-exporter/
 * Document each pattern finder on the OWASP wiki.
 * JQuery Plugin: A JQuery plugin that will let a web site use either the passfault applet or a passfault JSON Service to analyze a password.
 * Wordlists: We can always use better word lists.  Contact us on the mailing list if you want to help.

For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open