Dictionary-based attack detection with advanced normalization

This guide explains how to use PWDValidator, our high-precision password auditing tool.
It detects weak passwords by scanning them against multiple dictionaries, including the standard dictionaries we already provide plus any custom dictionaries the user wishes to add.


🚀 1. What PWDValidator Does

PWDValidator checks whether a password is weak by searching for:

  • ❌ Exact dictionary matches

  • ❌ Case-insensitive matches

  • ❌ Substring matches (if meaningful length ≥ 4)

  • ❌ Reversed-password matches

  • ❌ Leet-speak equivalents (e.g., p4ssw0rd → password)

  • ❌ Stripped-digits edges (123Tiger99 → Tiger)

If any dictionary match occurs, the password is classified as WEAK.

Useful for:

  • Enterprise onboarding

  • Password policy enforcement

  • Auditing user-submitted passwords

  • Pre-flight checks before storing credentials


📦 2. Usage

Basic syntax

PWDValidator.exe PASSWORD dict1.txt dict2.txt ...

Exit codes

  • 0 → Password OK

  • 1 → Invalid usage

  • 2 → Weak password (dictionary match detected)


🧠 3. What Dictionaries Are Included

We ship standard dictionaries by default, including:

  • 🔤 English common words

  • 🔤 Weak-password lists

  • 🔤 Known breach wordlists

  • 🔤 Common name lists

  • 🔤 Basic leetspeak variants

👉 Clients may add unlimited custom dictionaries simply by specifying them on the command line.

Example:

PWDValidator.exe "MyPassword123" weak.txt english.txt company_custom_dict.txt

πŸ› οΈ 4. Matching Logic (explained simply)

PWDValidator evaluates multiple transformations of the password:

| Transformation | Example | Purpose |
|---|---|---|
| Lowercase normalized | Password → password | Case-insensitive matching |
| Digit-stripped | 123Tiger99 → Tiger | Detect padding |
| Reversed | wolf → flow | Reverse-based guess attacks |
| Leet normalization | p4ssw0rd → password | Real attacker behavior |
| Substring detection | sunshine1984 → sunshine | Embedded weak words |

Each word in each dictionary is compared against several password variants, exactly as real attackers do during dictionary cracking attempts.
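
The variant generation in the table above, sketched as an added example; this is not PWDValidator's own code. The leet substitution map, the function names and the sample word list are assumptions, while the 4-character substring threshold comes from section 1.

```python
# Added illustration, NOT PWDValidator's source code.
# Assumption: a simple one-to-one leet map; real tools may use a larger one.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})
MIN_SUBSTRING = 4  # the guide's "meaningful length >= 4"

# Constructed sample dictionary for the demonstration.
SAMPLE_WORDS = ["password", "tiger", "flow", "sunshine", "cat"]


def variants(password):
    """Return the normalized forms that are compared to dictionary words."""
    lowered = password.casefold()               # case-insensitive matching
    stripped = lowered.strip("0123456789")      # digits removed from both edges
    out = set()
    for form in (lowered, stripped):
        for v in (form, form.translate(LEET)):  # raw and leet-normalized
            if v:
                out.add(v)
                out.add(v[::-1])                # reversed form
    return out


def find_match(password, words):
    """Return (word, reason) for the first dictionary hit, or None."""
    forms = variants(password)
    for raw in words:
        word = raw.strip().casefold()
        if not word:
            continue
        if word in forms:
            return word, "exact/normalized"
        # Short words are skipped for substring checks to avoid noise hits.
        if len(word) >= MIN_SUBSTRING and any(word in f for f in forms):
            return word, "substring"
    return None


if __name__ == "__main__":
    for pw in ("p4ssw0rd", "123Tiger99", "wolf", "my-sunshine-1984", "concatenate"):
        print(pw, "->", find_match(pw, SAMPLE_WORDS))
```

"concatenate" passes even though it contains "cat", because a three-character dictionary entry is below the substring threshold.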


πŸ” 5. Real Client Examples

Check a password using our standard dictionaries

PWDValidator.exe "Ártemis2025!" dic_common.txt dic_weak.txt dic_names.txt

Add your own corporate dictionary

PWDValidator.exe "QuantumTiger@44" dic_common.txt company_words.txt

Massive dictionary check (multi-GB compatible)

PWDValidator.exe "SuperKey99!" dic_weak.txt bigdict1.txt bigdict2.txt mega.txt

📊 6. Progress Indicators

Large dictionaries show a real-time progress bar:

[weak.txt ] ???????????????????????????????? 87.3% (432000 lines) done (3.12s)

Useful for:

  • Big corporate dictionaries

  • Multi-GB breach lists

  • Monitoring long scans


πŸ›‘οΈ 7. Recommended Customer Workflow

Step 1 β€” Choose dictionaries

Use the ones we provide + add your own sensitive-term dictionary.

Step 2 β€” Run the validator

PWDValidator.exe "your_password_here" dicts...

Step 3 - Interpret the result

✔ Strong

Result: OK - no dictionary matches found.

❌ Weak

Result: WEAK - dictionary match detected.

📘 8. Best Practices for Enterprises

  • Add dictionaries containing:

    • internal project names

    • employee names

    • company acronyms

    • common internal terms

  • Keep dictionary files UTF-8 encoded

  • Avoid single-character or trivial entries

  • Never store passwords in dictionaries

  • Use strong passwords generated by PWDGenerator


🧭 9. Client Summary (Executive View)

  • ✔ We include standard dictionary sets

  • ✔ Client may add unlimited custom dictionaries

  • ✔ Detects: exact matches, substrings, leet variants, reversed text, digit padding removal

  • ✔ Works with UTF-8 passwords and massive dictionaries

  • ✔ Produces a clear PASS/FAIL classification

  • ✔ Enterprise-grade and attacker-realistic validation