Re: Password "scoring"
- From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
- Date: 4 Jan 2007 13:04:10 GMT
David Eather <eather@xxxxxxxxxx> writes:
grk@xxxxxxx wrote:
I am looking for an algorithm for determining password strength,
similar to that in PGP Desktop (shows a progress bar that increases as
the difficulty of cracking the password increases).
No it does not. I think you misunderstand it. All it shows is that it has
tried a variety of numbers to see if they are primes. If not, it keeps
trying. That says nothinga bout the password strength. There IS not way of
determining passowrd strength. NOt least because any passowrd is weak if
your attacker knows it.
I have a large wordlist to which I can compare the words entered, but
was looking for some guidelines on auditing the actual passwords the
user enters.
Look at Moffit's cracklib for dictionary attacks on Unix passwords.
Not an algorithm but you could try here
This will be used during password-changing in an application I am
writing.
http://www.certainkey.com/demos/password/.
- References:
- Password "scoring"
- From: grk
- Re: Password "scoring"
- From: David Eather
- Password "scoring"
- Prev by Date: Re: Encryption - How to Choose Password
- Next by Date: Re: Thank you all for the constructive comments
- Previous by thread: Re: Password "scoring"
- Next by thread: Re: Password "scoring"
- Index(es):
