• Do not use any part of your name or login name. Not even reversed.
• Do not use your birthday or year of birth.
• Are you a fan of something? Do not use that or parts of it. So Michael or Jacko, Lady Gaga or similar things are off limits.
• Change it frequently, at least every 3 to 6 month. You can modify it slightly to make it easier to remember. So instead of Fihs42@Usa you will use Fihs84@Ger.
• Just fell in love? That name of her or him is too easy to guess or crack.
• Make your password at least 8 characters long, 12 would be great. Do not use words from a dictionary.
• Put in numbers and characters, such as -,;.ß?=)(!? … you know what I mean.
• Uppercase and lowercase letters please.
• Do not repeat yourself. ttTT6655!! looks good, but is too obvious.

Try to make your password complicated but easy to remember for you. Build yourself a bridge to remember it. For example: “Lady Gaga is extremely 6y, even before 7 am.“  can be turned into LGie6y,eb7am. Of course, now this password is useless, because I explained it here. But you hopefully got the idea.

Do not forget to test your ideas with Yet Another Password Meter.

The password that you entered is not valid. Please enter a valid password (4-16 characters/alphabetic and numeric characters only).

Additional 4 characters as minimum length… what a risk.

One of the problems was the rating of long passwords. The longer the password got, the less points it got. Reason was the redundancy which was applied all the time. Well, I fixed that… and wait, there is more…

Minimum length increased

The minimum length was increased to 6 characters. Five was too short. Therefore the entire score changed and your old password might now return different data.

Redundancy Change

Redundancy has only meaning when the password is equal or shorter the recommended length (right now 8 characters). The influence on longer passwords has been removed, therefore 11111kq!_()*/& is now about 42% and 11111kq!_()*/&1111111111111 is 47%. It was 92% and 59% before. This directly leads to the next improvement.

I also adjusted the redundancy factor slightly.

Significance

Some legacy systems and some nasty software offer to input quite long passwords, but use at the end only the first characters. So we changed the algorithm to reflect that. The new value is named significance. The recommended password length, right now 8 characters, is most significant.

This first part of the password is analyzed separately again and influences the score the most. See the following examples and note how the bad first part influences the rating. This is of course a somewhat artificial assumption but it put makes things more secure.

• 11111111 – 0%, obviously a garbage like password
• aA-.85fG! – 100%, pretty nice, isn’t it?
• aA-.85fG!11111111 – 100%, still nice of course
• 11111111aA-.85fG! – 23%, still a password with some meaning, but due to the usage of a first part that has a zero score, the overall rating does not come up that high

More colors

The complexity indicator has now a color code to make the change more obvious and I pay my tribute to the people who do not want to read

Bottom line

I am looking forward to your comments and suggestions. Feel free to use the tool often and extensively. Do not forget to tell friends about it. Educate them about good password usage.

If you find any strange things, let me know. If you find the tool to strict, let me now. Please include your arguments.

“May the best password win!”

For the programmer in you: We fixed the formatting of float numbers and displaying only two decimal digits now. Function used number.toFixed(2).

Well, the story is simple. About a month ago, I discovered The Password Meter and found it really cool. Because Jeff decided to publish his code under GPL, I decided to translate it into German and make it available on my own web site. But why is this site in English than?

While translating the site I discovered, that it is hard to maintain and difficult to style. Code and UI were interwoven. Because I am a quality assurance manager with experience in web design and high performance web programming, I decided to change that. And one thing came to the other.

After a while, I had completely rewritten most of the code, redesigned the layout, and enhanced it with some nifty Javascript.  Thanks to the JQuery guys by the way…  and I have not found the time to translate it into German, but will do that definitely.

The project helped my to learn a lot about object oriented programming in Javascript and yes, it sucks! But it was important to keep the application browser bound to make it trustful and easy to transfer  to other systems or even use it locally. The JQuery part helped my to spice it up a little bit.

During redesign, I discovered some bugs in the original code and changed the functionality big time to make it easier to maintain while keeping it still easy to understand.

Feel free to complain, suggest improvements, or simply use it. It is not perfect and still has some flaws. But the basic functionality works as expected. Of course, this code is available under GPL. Grab it, change it, and have fun with it.