This small project is password strength meter for web pages written in javascript and html. The password strength is based on the entropy of the character sets used. Entropy in this case means the number of possible combinations of lowercase letters, uppercase letters, digits, and special characters that are possible in a password.
Please see the project home page at http://passwordmeter.sourceforge.net.
This project was inspired by a Randall Munroe cartoon at http://xkcd.com/936/.
Categories
SecurityLicense
Public DomainFollow Password Meter
You Might Also Like
Rate This Project
Login To Rate This Project
User Reviews
-
This is a much-needed concept: most password checkers are either part of a massive program or an installer, or they are on-line and require that users transmit their test passwords on the web, which may not be such a great idea. Of course it is possible that a javascript program running on the client could conceivably transmit stored passwords but someone can review the code and others can perhaps block access or even airgap the program entirely. As an added precaution when using any password checker, one can substitute characters but test a string which is of the same length as the actual password. Mixed in characters, numbers and upper case/lower case toggles can be tested similarly. It goes without saying that all password checkers are inherently unreliable depending greatly upon the algorithms employed and any password that uses humanly-intelligble cues in any way replicable by a potential cracker are going to be far less secure than any password rating program module is likely to detect. As an easy stimulant to careful consideration of password theory and practice, this is a nifty little javascript: easy to use, reasonably designed. A great added feature would be a means to configure the algorith and another would be a readout which informs the user of the deficiencies such as repetitions, lack of mixed case, and so forth. So far, so good, and there does not appear to be any reason not to use this program in conjunction with more complex crackers or pw evaluators.