New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Password Strength Meter

Return to previous page

  • 4/7/2015



Password Strength Meter

Last updated 9 years ago



(Enter the content of this article below)



As a user, when I’m creating or changing my password I want a visual cue that tells me about the complexity or quality of my password. (Weak, Good, Strong)

To test this enable the “Enable password strength check” under host settings, and then register a new user. When you access the password and password confirmation boxes, as you type a visual indication of the strength of the password will show.

Note: this is an alert only, a user may still choose a “weak” password as strength meters use relatively simple rules. In our case we are sourcing the 2 parameters used to judge strength from the minRequiredPasswordLength and minRequiredNonalphanumericCharacters values in web.config (you will want to alter these to test that different values return different strength warnings)

The password strength meter has 6 rules, each of which score one point

  • Meets minimum password length
  • Meets minimum number of “special” characters e.g. !@#$ etc.
  • Contains a capital letter
  • Contains a lowercase letter
  • Contains a number
  • Password length is 3 or more characters longer than the minimum length

Note: only the first two are requirements for a valid password, the others simply show that the user is using a “better” password. By encouraging user's to use a better password, it decreases the likelihood that other users will guess their password, or that a hacker can crack the password by generating hashes to attack a compromised site using Hashed passwords

What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out