6

I need to be able to tell the user if their password is strong or weak (or in between). Is there a library or a function that already does this?

If there isn't, what would be the best approach to determining if a password is secure or not?

Malfist
  • 31,179
  • 61
  • 182
  • 269
  • is this for ASP.NET, Forms, WPF, Silverlight or Command Line? – Symbioxys May 26 '10 at 14:36
  • this is for winforms, and possibly later, cli. It's also probably going to run under mono, but that's not a requirement yet. – Malfist May 26 '10 at 14:38
  • possible duplicate of [What is the best way to check the strength of a password?](http://stackoverflow.com/questions/75057/what-is-the-best-way-to-check-the-strength-of-a-password) – Steven Robbins May 26 '10 at 14:44

2 Answers2

3

KeePass has a password strength function. You can download the source zip file from here. The file you are looking for is called QualityEstimation in KeePassLib.Cryptography.

Jeremy Wiebe
  • 3,894
  • 22
  • 31
2

You can check out some articles on CodeProject. 1) http://www.codeproject.com/KB/edit/PasswordStrengh.aspx 2) http://www.codeproject.com/KB/security/passworddialog.aspx

A simple approach is to evaluate some regular expressions to check if it contains uppercase and lowercase letters, numbers, special symbols and the length of the password.

Iraklis
  • 810
  • 5
  • 14