Password scoring application wanted
Gunnar Kramm
gkramm at speakeasy.net
Thu Apr 21 17:45:43 UTC 2005
On Thu, Apr 21, 2005 at 10:21:02AM -0700, Keith Lofstrom wrote:
>
> Are there any off-line applications that score candidate passwords
> - say by comparing to a dictionary, performing entropy estimates,
> etc? A numeric score would be better than an "accepted or rejected"
> test.
>
> Users should not be expected to invent new passwords on the spot, and
> an application that they can run locally from CLI or GUI which scores
> their attempts would help generate robust passwords. Extra points if
> the app. can be configured for the common types of password restrictions
> (i.e., punctuation chars forbidden vs. punctuation chars mandatory),
> or can coach users into generating (and remembering!) strong passwords.
>
> But I'll take what I can get. The current practice of demanding and
> testing passwords for immediate need is insecure and inhumane, and
> "yes/no" acceptability testing is fascist and uninformative. There
> must be a better way.
>
> Keith
have you tried pwgen? It's not exactly what you are asking for, but it's
designed to create secure password that are still easy to memorize.
--
Gunnar vS Kramm
San Francisco, CA
http://www.thekramms.com
gpg public key:
http://thekramms.com/keys/gkramm.gpg
More information about the users
mailing list