altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 5 Packages Projects Releases Wiki Activity
datatracker/ietf/templates/registration/change_password.html
Henrik Levkowetz 93e07f8650 Changed deprecated 'load staticfiles' to recommended 'load static' 
- Legacy-Id: 18080
2020-06-27 13:51:19 +00:00

78 lines
2.5 KiB
HTML
Raw Blame History

{% extends "base.html" %}
{# Copyright The IETF Trust 2015, All Rights Reserved #}
{% load origin %}
{% load bootstrap3 %}
{% load static %}
{% block title %}Change password{% endblock %}
{% block js %}
{{ block.super }}
<script type="text/javascript" src="{% static 'zxcvbn/zxcvbn.js' %}"></script>
<script type="text/javascript" src="{% static 'ietf/js/password_strength.js' %}"></script>
{% endblock %}
{% block content %}
{% origin %}
{% if success %}
<h1>Your password was successfully changed.</h1>
{% if not user.is_authenticated %}
<a type="a" class="btn btn-primary" href="/accounts/login/" rel="nofollow">Sign in</a>
{% endif %}
{% else %}
<div class="row">
<div class="col-md-2 col-sm-0"></div>
<div class="col-md-8 col-sm-12">
<h1>Change password</h1>
<form method="post">
{% csrf_token %}
{% bootstrap_form form %}
{% buttons %}
<button type="submit" class="btn btn-primary">Change password</button>
{% endbuttons %}
</form>
<div class="help-block">
This password form uses the
<a href="https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/">zxcvbn</a>
password strength estimator to give an indication of password strength.
The crack time estimage given above assume online attack without rate
limiting, at a rate of 10 attempts per second.
</div>
<h4>Offline cracking</h4>
<div class="help-block">
The datatracker currently uses the <b>{{ hasher.algorithm }}</b>
password hasher with
<b>
{% if hasher.iterations %}
{{ hasher.iterations }} iterations
{% elif hasher.rounds %}
{{ hasher.rounds }} rounds
{% elif hasher.time_cost and hasher.memory_cost and hasher.parallelism %}
time cost {{ hasher.time_cost }}, memory cost {{ hasher.memory_cost }}
and parallelism {{ hasher.parallelism }}
{% endif %}
</b>.
Calculating offline attack time if password hashes should leak is left
as an excercise for the reader.
</div>
<div class="help-block">
<p class="text-muted password_strength_offline_info hidden">
As a guideline, if we assume offline hashing using the current hasher
at a speed of 10<sup>4</sup> attempts per second, this password would
take <b><em class="password_strength_time"></em></b> to crack.
</p>
</div>
</div>
<div class="col-md-2 col-sm-0"></div>
</div>
{% endif %}
{% endblock %}
Reference in a new issue View git blame Copy permalink