dictionaryObject{}Dictionaries for password comparison with common words/names etc.
graphsObject{}Keyboard layout to check for patterns on different kind of keyboards
l33tTableObjectL33tTableTable with matching alphabetical chars into numbers and special chars
translationsObjectTranslations keysTranslations for the feedback
useLevenshteinDistancebooleanfalseActivate levenshtein
levenshteinThresholdnumber2Threshold for levenshtein
l33tMaxSubstitutionsnumber100Indicated the max substituions for the l33t matcher to prevent DOS
maxLengthnumber256Defines how many characters of the password are checked


By default, there are no dictionaries, they are in the language packages. There is an exceptional language package common which includes dictionaries that transcend languages like a password dictionary. It is highly recommended using at least the common and english language package to get a good result.


By default, there are no keyboard layouts used. It is recommended to add the common keyboard layout from the common language package Currently these keyboard layouts are supported:

  • azerty
  • dvorak
  • keypads
  • qwerty
  • qwertz


This is a table with matches for letters from numbers and special characters in the context of Leet speakopen in new window. E.g. an a can be written with 4 or @. Normally you don't need to adjust this options. If you find something missing in this table, feel free to open an issue or a PR.


By default, every feedback is a key. If you want to get real translated feedback you can use one of the language packages.


This variable is to activate the levenshtein distance check on the dictionary matcher. This will decrease the performance, and it is recommended to use the debounce helper.


This variable is to define the threshold of the levenshtein check


The l33t matcher will check how many characters can be exchanged with the l33t table. If they are to many it will decrease the calcTime significantly. So we cap it at a reasonable value by default which will probably already seems like a strong password anyway.


Defines how many character of the password are checked. A password longer than the default are considered strong anyway, but it can be increased as pleased. Be aware that this could open some attack vectors.


With this function you can add your own matcher for more information checkout the matcher documentation