Passwords are a part of life. They’re needed, but they’re a pain, and their ubiquity often leads users to create short or otherwise easily guessable passwords. Not good.

I recently signed up for an account on oDesk, a site that connects IT freelancers and service providers with those looking for their services. While a lot of sites discourage the use of strong passwords by saying you can only use letters and numbers, or by limiting your length, oDesk requires you to have at least one letter and at least one number or symbol, and they even tell you how strong they think your password is. They give you a little bar that turns different colors based on how good your password is. Looking at their page reveals this:

function get_str_pass_lvl(password) {
  var str = password.toString();
  var l = str.length;
  var c = 0;

  //a-z
  regEx = RegExp('([a-zA-Z]+)', 'gi');
  if(str.match(regEx)) {
    c++;
  }

  //0-9
  regEx = RegExp('(\\d+)', 'gi');
  if(str.match(regEx)) {
    c++;
  } else {
    //non-word
    regEx = RegExp('(\\W+)', 'gi');
    if(str.match(regEx)) {
      c++;
    }
  }

  if (0 == l) {
      return 0;
  } else if (l < 8) {
      return 1;
  } else if (l >= 8 && c < 2) {
      return 2;
  } else if (l >= 8 && l < 14 && c == 2) {
      return 3;
  } else if (l >= 14 && c == 2) {
      return 4;
  }
}

They believe the best passwords are 14 characters or longer, and have a letter or special character in there. I’d have to say I agree.
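
Because the function above looks only at length and character classes, a long but predictable password still gets the top rating. The following is an added example, not oDesk's code or part of the original post: `pageLevel` restates the page's rules compactly, while `DENYLIST`, `weaknesses` and `hardenedLevel` are hypothetical names and the sample passwords are constructed.

```javascript
// Compact restatement of the page's rules: length bands plus "has a letter"
// and "has a digit, else a non-word character" (so at most 2 classes count).
function pageLevel(password) {
  const s = String(password);
  if (s.length === 0) return 0;
  if (s.length < 8) return 1;
  const classes = (/[a-zA-Z]/.test(s) ? 1 : 0) +
                  (/\d/.test(s) || /\W/.test(s) ? 1 : 0);
  if (classes < 2) return 2;
  return s.length < 14 ? 3 : 4;
}

// Constructed sample denylist (assumption); a real deployment would load a
// large list of known-breached passwords instead.
const DENYLIST = new Set(['password', 'qwerty', 'letmein', 'welcome']);

// Hypothetical helper: reasons a password is guessable despite its length.
function weaknesses(password) {
  const s = String(password).toLowerCase();
  const reasons = [];
  // Drop trailing digits/symbols so "password123456" still matches "password".
  const stem = s.replace(/[^a-z]+$/, '');
  if (DENYLIST.has(s) || DENYLIST.has(stem)) reasons.push('common-password');
  // Long strings built from a handful of characters, e.g. "aaaaaaaaaaaaa1".
  if (s.length >= 8 && new Set(s).size <= 4) reasons.push('few-distinct-characters');
  // Short keyboard or counting runs.
  if (/(0123|1234|2345|3456|4567|5678|6789|abcd|qwer)/.test(s)) reasons.push('sequence');
  return reasons;
}

// Cap the page's rating at 1 whenever a weakness is found.
function hardenedLevel(password) {
  const level = pageLevel(password);
  return weaknesses(password).length > 0 ? Math.min(level, 1) : level;
}

// Constructed sample passwords.
const samples = ['password123456', 'aaaaaaaaaaaaa1',
                 'correct horse battery staple', 'Tr0ub4dor&3'];
for (const p of samples) {
  console.log(JSON.stringify(p), 'page:', pageLevel(p),
              'hardened:', hardenedLevel(p), weaknesses(p).join(','));
}
```
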

