Awesome find, Howard. I've needed a password strength algorithm in the past and never could find one. Plus, the strength computed by the Password Assistant is questionable at best. Given a password of 'aaaaaaaaaaaaaaaaaaaa' (20 lowercase 'a'), the assistant scores it about a 20%. Add one more 'a' though and it jumps to 80%. I'm not sure how that one extra 'a' is worth a 60% increase in strength. I'd be nice if their implementation was a bit more open for examination.
The algorithm used by KeePass, however, scores both a 20-character 'a' and 21-character 'a' password as 10 (with 0 being no password or a worthless password). Seems more accurate. If anyone's interested in it, I wrote a Cocoa version of their implementation. I'd be happy to make it available. Jim On Thu, Jan 7, 2010 at 2:32 PM, Howard Siegel <hsie...@gmail.com> wrote: > Have a look at the source code for KeePass Password Safe ( > http://keepass.info/). It has a password generator and strength > computation. Version 1.x is written in C++ for MS Windows (using MFC). > Version 2.x is a rewrite in C# for .NET. > > It has been ported as KeyPassX for Mac OS X and Linux. > > - h > > On Thu, Jan 7, 2010 at 11:51, Martin Hewitson > <martin.hewit...@aei.mpg.de>wrote: > >> Dear list, >> >> Is anybody aware of a reasonable algorithm or some code that can be used to >> test/check the strength of a password? I'd like to give a kind of score or a >> color (red,yellow,green). I've looked at cracklib, but that doesn't give a >> score, really. >> >> Best wishes, >> >> Martin >> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> Martin Hewitson >> Albert-Einstein-Institut >> Max-Planck-Institut fuer >> Gravitationsphysik und Universitaet Hannover >> Callinstr. 38, 30167 Hannover, Germany >> Tel: +49-511-762-17121, Fax: +49-511-762-5861 >> E-Mail: martin.hewit...@aei.mpg.de >> WWW: http://www.aei.mpg.de/~hewitson <http://www.aei.mpg.de/%7Ehewitson> >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> >> >> >> >> >> _______________________________________________ >> >> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) >> >> Please do not post admin requests or moderator comments to the list. >> Contact the moderators at cocoa-dev-admins(at)lists.apple.com >> >> Help/Unsubscribe/Update your Subscription: >> http://lists.apple.com/mailman/options/cocoa-dev/hsiegel%40gmail.com >> >> This email sent to hsie...@gmail.com >> > _______________________________________________ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > http://lists.apple.com/mailman/options/cocoa-dev/jturner.lists%40gmail.com > > This email sent to jturner.li...@gmail.com > _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
