Use Dropbox's zxcvbn library for our password meter.

The library was added in [25156].

props duck_.
see #21737.


git-svn-id: https://develop.svn.wordpress.org/trunk@25157 602fd350-edb4-49c9-b593-d223f7449a82

Gruntfile.js

@@ -63,7 +63,8 @@ module.exports = function(grunt) {
 					'!wp-admin/js/iris.min.js',
 					'!wp-includes/js/backbone.min.js',
 					'!wp-includes/js/swfobject.js',
-					'!wp-includes/js/underscore.min.js'
+					'!wp-includes/js/underscore.min.js',
+					'!wp-includes/js/zxcvbn.min.js'
 				]
 			},
 			tinymce: {

src/wp-admin/js/password-strength-meter.js

@@ -1,36 +1,6 @@
-// Password strength meter
 function passwordStrength(password1, username, password2) {
-	var shortPass = 1, badPass = 2, goodPass = 3, strongPass = 4, mismatch = 5, symbolSize = 0, natLog, score;
-
-	// password 1 != password 2
-	if ( (password1 != password2) && password2.length > 0)
-		return mismatch
-
-	//password < 4
-	if ( password1.length < 4 )
-		return shortPass
-
-	//password1 == username
-	if ( password1.toLowerCase() == username.toLowerCase() )
-		return badPass;
-
-	if ( password1.match(/[0-9]/) )
-		symbolSize +=10;
-	if ( password1.match(/[a-z]/) )
-		symbolSize +=26;
-	if ( password1.match(/[A-Z]/) )
-		symbolSize +=26;
-	if ( password1.match(/[^a-zA-Z0-9]/) )
-		symbolSize +=31;
-
-	natLog = Math.log( Math.pow(symbolSize, password1.length) );
-	score = natLog / Math.LN2;
-
-	if (score < 40 )
-		return badPass
-
-	if (score < 56 )
-		return goodPass
-
-    return strongPass;
+	if (password1 != password2 && password2.length > 0)
+		return 5;
+	var result = zxcvbn( password1, [ username ] );
+	return result.score;
 }

src/wp-includes/js/zxcvbn-async.js

@@ -0,0 +1,17 @@
+(function() {
+  var async_load = function() {
+    var first, s;
+    s = document.createElement('script');
+    s.src = _zxcvbnSettings.src;
+    s.type = 'text/javascript';
+    s.async = true;
+    first = document.getElementsByTagName('script')[0];
+    return first.parentNode.insertBefore(s, first);
+  };
+
+  if (window.attachEvent != null) {
+    window.attachEvent('onload', async_load);
+  } else {
+    window.addEventListener('load', async_load, false);
+  }
+}).call(this);

src/wp-includes/script-loader.php

@@ -309,7 +309,12 @@ function wp_default_scripts( &$scripts ) {
 		'pluginPath' => includes_url( 'js/mediaelement/', 'relative' ),
 	) );
 
-	$scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array('jquery'), false, 1 );
+	$scripts->add( 'zxcvbn-async', "/wp-includes/js/zxcvbn-async$suffix.js", array(), '1.0' );
+	did_action( 'init' ) && $scripts->localize( 'zxcvbn-async', '_zxcvbnSettings', array(
+		'src' => includes_url( '/js/zxcvbn.min.js' ),
+	) );
+
+	$scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 );
 	did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', array(
 		'empty' => __('Strength indicator'),
 		'short' => __('Very weak'),

src/wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '3.7-alpha-25000';
+$wp_version = '3.7-alpha-25157';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.