diff --git a/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/secure_password/SecurePasswordsAssignment.java b/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/secure_password/SecurePasswordsAssignment.java
index 2e8e63813..24bbf5bf2 100644
--- a/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/secure_password/SecurePasswordsAssignment.java
+++ b/webgoat-lessons/secure-passwords/src/main/java/org/owasp/webgoat/secure_password/SecurePasswordsAssignment.java
@@ -55,17 +55,17 @@ public class SecurePasswordsAssignment extends AssignmentEndpoint {
} else {
output.append("
");
}
- output.append("Estimated cracking time: " + calculateTime((long) strength.getCrackTimeSeconds().getOnlineNoThrottling10perSecond()));
+ output.append("Estimated cracking time: " + calculateTime((long) strength.getCrackTimeSeconds().getOnlineNoThrottling10perSecond()) + "");
if (strength.getFeedback().getWarning().length() != 0)
- output.append("Warning: " + strength.getFeedback().getWarning());
+ output.append("Warning: " + strength.getFeedback().getWarning() + "");
// possible feedback: https://github.com/dropbox/zxcvbn/blob/master/src/feedback.coffee
// maybe ask user to try also weak passwords to see and understand feedback?
if (strength.getFeedback().getSuggestions().size() != 0) {
- output.append("Suggestions:");
+ output.append("Suggestions:");
for (String sug : strength.getFeedback().getSuggestions()) output.append("- " + sug + "
");
output.append("
");
}
- output.append("Score: " + strength.getScore() + "/5 ");
+ output.append("Score: " + strength.getScore() + "/4 ");
output.append("Estimated cracking time in seconds: " + calculateTime((long) strength.getCrackTimeSeconds().getOnlineNoThrottling10perSecond()));
if (strength.getScore() >= 4)
@@ -89,4 +89,4 @@ public class SecurePasswordsAssignment extends AssignmentEndpoint {
return (years + " years " + days + " days " + hours + " hours " + minutes + " minutes " + sec + " seconds");
}
-}
\ No newline at end of file
+}