Projects/OWASP Passfault/Roadmap

From OWASP
Jump to: navigation, search


Release 0.8

Goal: preparation for ESAPI

  • More meaningful word lists
    • Frequency lists: build lists of the most common words, names
  • ESAPI Authenticator Decorator
    • Implement an ESAPI Authenticator that will enhance an existing authenticator with passfault implementing the "verifyPasswordStrength" method.
    • A volunteer force from university of Florida has built this. All that remains is to get it into ESAPI.

Release 1.0

Goal: Enterprise Ready, working with ESAPI

Other Important Goals

  • Javascript library generated by GWT and GWT Export. Do you know GWT? Please help us build a javascript version of passfault using GWT Exporter: https://code.google.com/p/gwt-exporter/
  • Document each pattern finder on the OWASP wiki.
  • JQuery Plugin: A JQuery plugin that will let a web site use either the passfault applet or a passfault JSON Service to analyze a password.
  • Wordlists: We can always use better word lists. Contact us on the mailing list if you want to help.

For current bugs and smaller tasks see the issues list on github: https://github.com/c-a-m/passfault/issues?state=open