Project Overview
Authentication systems are frequently targeted by brute-force and dictionary attacks due to weak user credentials. This project provides a security-focused API designed to analyze and validate password strength through multi-layered assessments. The system evaluates passwords against complexity requirements, identifies sequential patterns, and checks for restricted words stored in a database. By providing detailed feedback and safety scores, the API helps developers implement robust password policies that prevent the use of easily guessable or compromised credentials.
System Architecture
FastAPI Backend
A high-performance Python framework providing asynchronous RESTful endpoints for real-time password analysis and security validation.
Pattern Analyzer
A detection engine that scans passwords for common weak patterns, repeated characters, and predictable numeric sequences.
MySQL Database
Stores a wordlist of restricted terms (e.g., common location names or simple words) used for dictionary checks.
Policy Engine
A rules-based component that enforces specific security requirements like minimum length, special characters, and uppercase letters.
API Gateway
Manages secure paths for scanning and downloading, ensuring controlled access to the security services.
Key Features
Multi-Criteria Strength Check
Evaluates passwords for length, character variety, and the presence of both uppercase letters and special symbols.
Restricted Wordlist Integration
Prevents the use of vulnerable terms by checking passwords against a customizable MySQL-stored dictionary.
Sequential Pattern Detection
Identifies and warns users about predictable sequences, such as sequential numbers or repeated characters.
Real-Time Safety Scoring
Generates an immediate "is_safe" boolean status and detailed feedback strings for every analyzed password.
Comprehensive Access Logs
Records every check request, including IP address, origin, and response status, for security auditing purposes.
System Flow
Password Submission
The client securely submits a password to the API endpoint (e.g., :8000/checkpass/check_password) for evaluation.
Complexity Validation
The policy engine verifies if the password meets basic requirements, such as length and character diversity.
Dictionary Lookup
The system queries the MySQL database to check if the password contains restricted words like "jogjakarta".
Pattern Scanning
The analyzer detects weak sequences, such as "123" or repeated characters that lower entropy.
Result Generation
The API returns a JSON response containing the safety status and specific issues to remediate.
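The five stages above, condensed into a single validator as an added example (not the project's own code): the restricted wordlist is a constructed in-memory set standing in for the MySQL table, the minimum length of 8 and the exact feedback strings are assumptions, and the FastAPI route that would wrap check_password is left out.

```python
import re

# Constructed stand-in for the MySQL-stored restricted wordlist (assumption).
RESTRICTED_WORDS = {"jogjakarta", "password", "welcome"}
MIN_LENGTH = 8  # assumed policy threshold, not necessarily the project's value

def has_sequential_run(s: str, length: int = 3) -> bool:
    """True if s contains `length` consecutive characters stepping by +1 or -1 (e.g. '123', 'cba')."""
    codes = [ord(c) for c in s.lower()]
    for i in range(len(codes) - length + 1):
        window = codes[i:i + length]
        steps = {b - a for a, b in zip(window, window[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False

def has_repeated_run(s: str, length: int = 3) -> bool:
    """True if one character appears `length` or more times in a row (e.g. 'aaa')."""
    return re.search(r"(.)\1{%d,}" % (length - 1), s) is not None

def check_password(password: str, restricted=RESTRICTED_WORDS) -> dict:
    """Run the four checks and return the JSON-shaped verdict: is_safe plus feedback strings."""
    issues = []
    # 1. Complexity validation (policy engine)
    if len(password) < MIN_LENGTH:
        issues.append(f"Password must be at least {MIN_LENGTH} characters")
    if not re.search(r"[A-Z]", password):
        issues.append("Password must contain an uppercase letter")
    if not re.search(r"[a-z]", password):
        issues.append("Password must contain a lowercase letter")
    if not re.search(r"\d", password):
        issues.append("Password must contain a digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        issues.append("Password must contain a special character")
    # 2. Dictionary lookup (substring match, case-insensitive; stands in for the MySQL query)
    lowered = password.lower()
    for word in sorted(restricted):
        if word in lowered:
            issues.append(f"Password contains restricted word '{word}'")
    # 3. Pattern scanning (sequential runs and repeated characters lower entropy)
    if has_sequential_run(password):
        issues.append("Password contains a sequential run such as '123' or 'abc'")
    if has_repeated_run(password):
        issues.append("Password contains three or more repeated characters")
    # 4. Result generation
    return {"is_safe": not issues, "feedback": issues}
```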
Project Outcome
The SecValidator API successfully automates password validation by providing robust checks against common security vulnerabilities. It accurately identifies weak passwords, such as "jogjakarta123," by citing specific issues like sequential numbers and restricted word use. This tool empowers developers to enforce secure authentication standards, significantly reducing the risk of unauthorized access through credential-based attacks.