CUTCODEDOWN
Minimalist Semantic Markup

Welcome Guest
Please Login or Register

If you have registered but not recieved your activation e-mail in a reasonable amount of time, or have issues with using the registration form, please use our Contact Form for assistance. Include both your username and the e-mail you tried to register with.

Pages: [1]

Author Topic: Password Strength Using zxcvbn algorithm (dropbox)  (Read 60 times)

durangod

  • Sr. Member
  • ****
  • Posts: 415
  • Karma: +5/-0
  • Weebles Wobble - but they dont fall down!
Password Strength Using zxcvbn algorithm (dropbox)
« on: 2 Mar 2024, 03:26:37 am »
I ran across a plugin for my forum (no longer using SMF)  that advertised this algorithm and wondered what you all thought about it.   It was originally developed for DropBox. 

Here is an article on it....

https://dropbox.tech/security/zxcvbn-realistic-password-strength-estimation

Thoughts ?


PS yes i been gone awhile, stupid me got a girlfriend and then had to break up with her, what was i thinking lol
Logged

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1060
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Password Strength Using zxcvbn algorithm (dropbox)
« Reply #1 on: 2 Mar 2024, 12:56:51 pm »
Whenever I think about password strength, all I can think of is the xkcd  "battery horse staple" comic.

Mostly I find such estimates to be meaningless drivel that users will either be so turned off by they won't even create an account, or they'll just find some way to circumvent.

If people can't be bothered to create a secure password, I can't be bothered to secure their password. Besides with so many people using auto-password generators / password managers now where the passwords will pass strength tests when the manager/generator stores shit in plaintext on their system...

It really is an effort in futility.

And I hear you on the personal side of things. I'm tentatively in a new relationship where we get along famously and seem to have so much in common... but there's... social issues, society induced trauma/prejudice, and just plain figuring some s**t out involved.

Thankfully this old bottom bear is like a bendy straw. Straight but flexible.
Logged
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

durangod

  • Sr. Member
  • ****
  • Posts: 415
  • Karma: +5/-0
  • Weebles Wobble - but they dont fall down!
Re: Password Strength Using zxcvbn algorithm (dropbox)
« Reply #2 on: 2 Mar 2024, 04:41:59 pm »
The extension had two options simple complexity and zxcvbn, i ran several 15 alphanumeric, mixed case, spec chars  password through both.  Seems to be the same or very similar results. Several were just a difference between strong and very strong display. So i went with the complexity option.  Here is what it says about the difference in the extension. 

Quote
Complexity looks for mixed characters, numbers, symbols and length in a password, encouraging complex passwords.

zxcvbn (by DropBox) calculates how easily a password can be guessed, allowing for strong user-friendly passwords.


LMAO I have never heard anyone say this before but i totally agree with it..  So true!!

Quote from: Jason Knight on  2 Mar 2024, 12:56:51 pm
If people can't be bothered to create a secure password, I can't be bothered to secure their password.

Congrats on the relationship, hope it works out great.   I have decided after this last drama fiasco (i have known her for 20 years prior as a friend) that after 60 years on this earth i still have absolutely no clue what i am doing or how to get along with them, they truely are from another planet.  :)  That is 3 months i will never get back lol
Logged
Pages: [1]
 

SMF spam blocked by CleanTalk

Advertisement