I have a situation where I would like to be able to rate a users password in the web interface to my system, so that before they hit submit they know if they have a bad password.
Key Requirements:
I've found many password meters written in jQuery, and things like http://www.passwordmeter.com/ that are too verbose.
Can anyone suggest a good drop in javascript password rater I can use, or give an example of how to write one?
The findings suggest that even an eight-character password — with a healthy mix of numbers, uppercase letters, lowercase letters and symbols — can be cracked within eight hours by the average hacker.
Password Meter - A visual assessment of password strengths and weaknesses.
Navigate under the tab “Options” and the sub-navigation menu “General” to toggle on the section “Disable Password Strength Meter”.
So, password meters are not a reliable guide to how likely it is that your password will be cracked but they do seem to nudge people in the direction of creating stronger passwords in general.
Update: created a js fiddle here to see it live: http://jsfiddle.net/HFMvX/
I went through tons of google searches and didn't find anything satisfying. i like how passpack have done it so essentially reverse-engineered their approach, here we go:
function scorePassword(pass) {     var score = 0;     if (!pass)         return score;      // award every unique letter until 5 repetitions     var letters = new Object();     for (var i=0; i<pass.length; i++) {         letters[pass[i]] = (letters[pass[i]] || 0) + 1;         score += 5.0 / letters[pass[i]];     }      // bonus points for mixing it up     var variations = {         digits: /\d/.test(pass),         lower: /[a-z]/.test(pass),         upper: /[A-Z]/.test(pass),         nonWords: /\W/.test(pass),     }      var variationCount = 0;     for (var check in variations) {         variationCount += (variations[check] == true) ? 1 : 0;     }     score += (variationCount - 1) * 10;      return parseInt(score); } Good passwords start to score around 60 or so, here's function to translate that in words:
function checkPassStrength(pass) {     var score = scorePassword(pass);     if (score > 80)         return "strong";     if (score > 60)         return "good";     if (score >= 30)         return "weak";      return ""; } you might want to tune this a bit but i found it working for me nicely
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With