Project 8 - Password Strength Indicator

Meta
1

Personal Information

Name: Arjit Singh
Education: B.Tech Computer Science (AI/ML specialization, Data Analytics minor), Amity University Gurugram, India
Background: Completed Harvard CS50, currently pursuing CS50 Web. Hands‑on experience with Python, C, and modern web frameworks (React, Django, Flask). I’ve applied these skills in hackathons and coursework, focusing on usability, modular design, and security.
Motivation: I am passionate about privacy‑focused applications and open‑source collaboration. Joplin’s mission resonates with me, and I want to contribute features that empower users to secure their data more effectively.

Synopsis

This project aims to implement a Password Strength Indicator in Joplin’s desktop and mobile applications. The feature will provide real‑time feedback to users when setting their master password, helping them choose stronger, more secure passwords without enforcing restrictions.

Benefits to Joplin

  • Improves user security awareness by showing password strength and crack‑time estimates.

  • Enhances user experience with actionable suggestions and accessible UI.

  • Aligns with Joplin’s mission of privacy and data protection.

  • Provides consistency across desktop and mobile platforms.

Deliverables

  • A reusable PasswordStrengthIndicator React component in TypeScript.

  • Integration into EncryptionConfigScreen (desktop) and equivalent mobile screens.

  • Real‑time strength bar (Weak / Fair / Good / Strong) with text + color labels.

  • Crack‑time estimates and improvement suggestions from zxcvbn-ts.

  • Unit tests and React component tests (Jest + React Testing Library).

  • Documentation for developers on usage and integration.

Technical Details

  • Library: Integrate @zxcvbn-ts/core for password evaluation.

  • UI: 4‑segment bar with WCAG 2.1 AA compliance (color + text labels).

  • Performance: Debounced updates (150ms) for smooth typing feedback.

  • Accessibility: Suggestions hidden once password reaches Good/Strong.

  • Scope Control: Advisory only, no enforcement of minimum strength.

  • Testing: Unit + component tests to ensure reliability.

Timeline (5 Weeks)

Week 1: Setup & Research

  • Study Joplin’s codebase and password input points.

  • Confirm integration feasibility with zxcvbn-ts.

Week 2: Component Development (Desktop)

  • Implement PasswordStrengthIndicator component.

  • Integrate with desktop EncryptionConfigScreen.

Week 3: Accessibility & Mobile Integration

  • Ensure WCAG compliance.

  • Integrate into mobile password input screens.

  • Optimize performance.

Week 4: Testing & Refinement

  • Write unit/component tests.

  • Refine UI/UX based on feedback.

Week 5: Documentation & Final Review

  • Document component usage.

  • Prepare PRs and finalize deliverables.

  • Address mentor feedback.

Skills Required

  • TypeScript, React (for component development).

  • Familiarity with npm dependency management.

  • Testing frameworks (Jest, React Testing Library).

  • Understanding of accessibility standards (WCAG 2.1).

Difficulty Level

Easy to Medium — The project is well‑scoped, beginner‑friendly, and achievable within ~90 hours, while still requiring attention to detail in UI/UX and accessibility.

Potential Mentors

  • Laurent Cozic

  • PackElend

References

  • zxcvbn-ts library

  • Joplin GSoC Ideas Page

  • Joplin Discourse community discussions

I’m particularly drawn to Joplin because of its focus on privacy and user empowerment. A password strength indicator directly supports this mission by helping users make informed choices about securing their data. My background in web development and security‑oriented projects makes me confident I can deliver a robust, accessible, and user‑friendly solution.

I look forward to feedback from the mentors and community, and I’m excited to iterate on this proposal to make it as strong and useful as possible.

2

Thank you. We do want beginner-friendly projects but do you feel that this is indeed an Easy to Medium project that takes 90 hours?

3

Thank you for raising this concern, Laurent. While the Password Strength Indicator is listed as an Easy project with an expected 90 hours, I believe the actual effort will be somewhat higher once we account for integration across platforms, accessibility compliance, and thorough testing.

In particular:

  1. Cross-platform integration (desktop and mobile) adds complexity beyond a single screen.
  2. Accessibility Requirements (WCAG 2.1 AA compliance, color + text indicators) require careful design and validation.
  3. Testing (unit tests, component tests, integration tests) will take significant time to ensure reliability.
  4. Community Feedback iterations will also add to the timeline, since UI/UX refinements are often needed.

I initially mentioned 90 hours because that was the figure listed in the ideas page, and as a first‑year B.Tech student I don’t yet have much experience estimating project timelines. In hindsight, I realize that was a misjudgment on my part. Considering the scope more carefully now.

Getting this project done in less than 90 hours is possible if i only :

  1. Add zxcvbn-ts to Joplin,
  2. Display a simple strength score (Weak → Strong),
  3. Skip accessibility refinements, mobile integration, and thorough testing.

but it may take more than 90 hours because of below mentioned points :

  1. Learning curve (React, TypeScript, testing) and building a reusable React + TypeScript component.
  2. Cross‑platform integration.
  3. Iterations after mentor/community feedback.
  4. Proper testing and documentation.
  5. Ensure accessibility compliance (WCAG 2.1 AA).
  6. Integrate it into both desktop (Electron) and mobile (React Native) versions of Joplin.

I may not be perfect in every area yet, and as a first‑year B.Tech student I don’t have extensive experience with estimating effort or advanced frameworks. However, I am eager to learn through open‑source collaboration, and I’m committed to completing my work on time. Even if my current skills are limited, I will put in the effort to grow step by step and deliver a reliable, polished contribution with the guidance of mentors and the community.

I’m think this will allow me to complete the project thoroughly and maintain quality, while also leaving room for mentor feedback and refinements.

It would be helpful for me if you could tell me the expected time period for this project.

Thank you for your kind consideration.

1 Like