extraVariations property
Optional guess multiplier.
Implementation
@override
double get extraVariations {
double variations = 1;
// Lower-case match.token before calculating: capitalization shouldn't
// affect l33t calc.
final String tokenLower = token.toLowerCase();
for (final PasswordChange change in changes) {
// Num of l33t entries.
final int l33tCount = _countSubstring(tokenLower, change.l33t);
// Num of clean entries.
final int cleanCount = _countSubstring(tokenLower, change.clean);
if (l33tCount == 0 || cleanCount == 0) {
// For this change, password is either fully l33t (444) or fully
// clean (aaa) treat that as doubling the space (attacker needs to try
// fully l33t chars in addition to clean).
variations *= 2;
} else {
// This case is similar to capitalization:
// with aa44a, clean = 3, l33t = 2, attacker needs to try
// clean + one l33t + two l33ts
double possibilities = 0;
for (int i = 1; i <= min(cleanCount, l33tCount); i++) {
possibilities += nCk(cleanCount + l33tCount, i);
}
variations *= possibilities;
}
}
return variations;
}