secure password assignment first draft

webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/plugin/SecurePasswordsAssignment.java

@@ -1,11 +1,11 @@
 package org.owasp.webgoat.plugin;
 
-
 import com.nulabinc.zxcvbn.Feedback;
 import com.nulabinc.zxcvbn.Strength;
 import com.nulabinc.zxcvbn.Zxcvbn;
 import org.jruby.RubyProcess;
 import org.owasp.webgoat.assignments.AssignmentEndpoint;
+import org.owasp.webgoat.assignments.AssignmentHints;
 import org.owasp.webgoat.assignments.AssignmentPath;
 import org.owasp.webgoat.assignments.AttackResult;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -22,12 +22,12 @@ import java.text.DecimalFormatSymbols;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Locale;
-import java.util.ResourceBundle;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
 @AssignmentPath("SecurePasswords/assignment")
+//@AssignmentHints(value = {"xss-mitigation-3-hint1", "xss-mitigation-3-hint2", "xss-mitigation-3-hint3", "xss-mitigation-3-hint4"})
 public class SecurePasswordsAssignment extends AssignmentEndpoint {
 
     @RequestMapping(method = RequestMethod.POST)
@@ -60,6 +60,8 @@ public class SecurePasswordsAssignment extends AssignmentEndpoint {
             for(String sug: strength.getFeedback().getSuggestions()) output.append("<li>"+sug+"</li>");
             output.append("</ul></br>");
         }
+        output.append("<b>Score: </b>" + strength.getScore()+ "/5 </br>");
+        output.append("<b>Estimated cracking time in seconds: </b>" + calculateTime((long) strength.getCrackTimeSeconds().getOnlineNoThrottling10perSecond()));
 
         if(strength.getScore() >= 4)
             return trackProgress(success().feedback("securepassword-success").output(output.toString()).build());