Re: A password strength checker
Re: A password strength checker
- Subject: Re: A password strength checker
- From: Jim Turner <email@hidden>
- Date: Tue, 12 Jan 2010 09:09:09 -0600
Code is available at:
http://code.google.com/p/nukethemfromorbit/source/browse/#svn/trunk/PasswordStrength
It's just the method for determining the strength, any UI
accouterments is an exercise left up to the reader... although I'll
probably make my stuff available once I have it cleaned up. If anyone
has suggestions for improvement of the algorithm, please let me know.
Jim
On Mon, Jan 11, 2010 at 10:05 PM, Howard Siegel <email@hidden> wrote:
> If you would, please post your code some place and let us know the URL to
> it.
>
> There is supposed to be an iPhone version coming out, but I suspect that
> it will be done using MonoDevelop (C#.NET for non-Windows platforms)
> rather than being written in ObjC/Cocoa.
>
> - h
>
> On Mon, Jan 11, 2010 at 08:12, Jim Turner <email@hidden> wrote:
>>
>> Awesome find, Howard. I've needed a password strength algorithm in the
>> past and never could find one. Plus, the strength computed by the
>> Password Assistant is questionable at best. Given a password of
>> 'aaaaaaaaaaaaaaaaaaaa' (20 lowercase 'a'), the assistant scores it
>> about a 20%. Add one more 'a' though and it jumps to 80%. I'm not sure
>> how that one extra 'a' is worth a 60% increase in strength. I'd be
>> nice if their implementation was a bit more open for examination.
>>
>> The algorithm used by KeePass, however, scores both a 20-character 'a'
>> and 21-character 'a' password as 10 (with 0 being no password or a
>> worthless password). Seems more accurate.
>>
>> If anyone's interested in it, I wrote a Cocoa version of their
>> implementation. I'd be happy to make it available.
>>
>> Jim
>>
>> On Thu, Jan 7, 2010 at 2:32 PM, Howard Siegel <email@hidden> wrote:
>> > Have a look at the source code for KeePass Password Safe (
>> > http://keepass.info/). It has a password generator and strength
>> > computation. Version 1.x is written in C++ for MS Windows (using MFC).
>> > Version 2.x is a rewrite in C# for .NET.
>> >
>> > It has been ported as KeyPassX for Mac OS X and Linux.
>> >
>> > - h
>> >
>> > On Thu, Jan 7, 2010 at 11:51, Martin Hewitson
>> > <email@hidden>wrote:
>> >
>> >> Dear list,
>> >>
>> >> Is anybody aware of a reasonable algorithm or some code that can be
>> >> used to
>> >> test/check the strength of a password? I'd like to give a kind of score
>> >> or a
>> >> color (red,yellow,green). I've looked at cracklib, but that doesn't
>> >> give a
>> >> score, really.
>> >>
>> >> Best wishes,
>> >>
>> >> Martin
>> >>
>> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >> Martin Hewitson
>> >> Albert-Einstein-Institut
>> >> Max-Planck-Institut fuer
>> >> Gravitationsphysik und Universitaet Hannover
>> >> Callinstr. 38, 30167 Hannover, Germany
>> >> Tel: +49-511-762-17121, Fax: +49-511-762-5861
>> >> E-Mail: email@hidden
>> >> WWW: http://www.aei.mpg.de/~hewitson
>> >> <http://www.aei.mpg.de/~hewitson>
>> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >>
>> >> Cocoa-dev mailing list (email@hidden)
>> >>
>> >> Please do not post admin requests or moderator comments to the list.
>> >> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>> >>
>> >> Help/Unsubscribe/Update your Subscription:
>> >>
>> >> This email sent to email@hidden
>> >>
>> > _______________________________________________
>> >
>> > Cocoa-dev mailing list (email@hidden)
>> >
>> > Please do not post admin requests or moderator comments to the list.
>> > Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>> >
>> > Help/Unsubscribe/Update your Subscription:
>> >
>> >
>> > This email sent to email@hidden
>> >
>
>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden