Analyze passwords used by bots logging into a WordPress site caught by Admin Login Notifier

analyze-passwords.php

<?php

function unique_chars( $string ) {
	$chars = array();
	foreach ( str_split( $string ) as $character )
		$chars[$character] = true;

	return count( $chars );
}

function unique_char_types( $string ) {
	$types = array();
	foreach( str_split( $string ) as $character ) {
		if( preg_match( '/[a-z]/', $character ) )
			$types['lowercase'] = true;
		elseif( preg_match( '/[A-Z]/', $character ) )
			$types['uppercase'] = true;
		elseif( preg_match( '/[0-9]/', $character ) )
			$types['number'] = true;
		else
			$types['other'] = true;
	}

	return count( $types );
}

$passwords = file( dirname( __FILE__ ) . '/sample.txt', FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES );

$results = array();
foreach ( $passwords as $num => $password ) {
	$results['length'][]     = strlen( $password );
	$results['chars'][]      = unique_chars( $password );		
	$results['char_types'][] = unique_char_types( $password );		
}

echo "Sample size: " . count( $passwords ) . "\n";
echo "Average length: " . number_format( array_sum( $results['length'] ) / count( $results['length'] ), 1 ) . "\n";
echo "Average characters: " . number_format( array_sum( $results['chars'] ) / count( $results['chars'] ), 1 ) . "\n";
echo "Average character types: " . number_format( array_sum( $results['char_types'] ) / count( $results['char_types'] ), 1 ) . "\n";
echo "Repetition factor: " . number_format( 1 - 1 / ( count( $passwords ) / count( array_unique( $passwords ) ) ), 2 ) . "\n";