[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Password strength meter
From: Kévin_Ottens <ervin () ipsquad ! net>
Date: 2004-10-29 14:28:18
Message-ID: 200410291628.19255.ervin () ipsquad ! net
[Download RAW message or body]
Le Vendredi 29 Octobre 2004 13:05, Andrew Coles a écrit :
> I recently discovered a nice feature in Mozilla - in the master password
> dialogue there's a 'Password strength meter', which gives a rough
> indication of how good the password is (capitals, numbers, symbols etc.).
This is really a good feature in my opinion. I'm just wondering the accuracy
of the method used to compute the indication. It should be well thought if we
don't want to give a wrong feeling of security.
This computation should be fast... but is it relevant enough? Should we add
checks against a dictionnary? (ok would be far slower... but at least
verifying if it doesn't contain some personal information like the username,
or permutations of it, would raise the entropy a bit)
It was my 0.02¤
Regards.
--
Kévin 'ervin' Ottens, http://ervin.ipsquad.net
"Ni le maître sans disciple, Ni le disciple sans maître,
Ne font reculer l'ignorance."
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic