I initially tried integrating the zxcxvbn4j library and was encountering problems. While researching, I discovered the nbvcxz java library. I liked that I could use it as a stand-alone program as well as easily add words on-the-fly so that the passwords can't contain guessable firstname, lastname, email or website strings. It supports more languages and as well as generating strong "forgot password" temporary passwords or passphrases.
I haven't directly added this library directly into our custom framework (yet), but have it currently integrated as an API endpoint (using Taffy) so that it can be accessed via javascript or CFHTTP request (via UDF).
I initially tried integrating the zxcxvbn4j library and was encountering problems. While researching, I discovered the nbvcxz java library. I liked that I could use it as a stand-alone program as well as easily add words on-the-fly so that the passwords can't contain guessable firstname, lastname, email or website strings. It supports more languages and as well as generating strong "forgot password" temporary passwords or passphrases.
I haven't directly added this library directly into our custom framework (yet), but have it currently integrated as an API endpoint (using Taffy) so that it can be accessed via javascript or CFHTTP request (via UDF).