Forum / Remote Desktop Manager - Feature Request

More realistic password analyzer

  • Create an Issue
  • Cancel

Hi,
I'd like to see a bit more realistic password strength analyzer. The current one seems to be based mainly around the password length and character groups while almost completely ignoring the actual content and brute force and dictionary complexity.

Eg. Hello123* is evaluated as very strong. On the other hand, Ca2YiSp2GwiojluK32cKOjZbZzAc147A is evaluated also only as very strong whereas NyCCs.#7k=GR! is deemed perfect just because it contains special characters, although guess time while using fast hashes is much shorter (and for slow or adaptive hashes like bcrypt, both of them are practically impenetrable, unlike the Hello123*).

My idea is something like Dropbox's zxcvbn - https://github.com/dropbox/zxcvbn (demo on https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html ). C#/.NET implementation already exists, so it's mostly about skillfully weaving the code together.

Clock2 yrs

Hi,
You have a good point. Thank you for your suggestion and the links

Regards

David Hervieux

signaturesignature

Clock2 yrs