How strong is your password?

No matter how good the software running on a website is, there is always the human factor. If your password is “test”, “1234″, “qwerty” or anything obvious then you are putting your blog at risk of having it hacked. For that reason the password change form on the profile page now checks how strong your password is.

A password can have four levels of strength:

  1. Too short
  2. Bad
  3. Good
  4. Strong

Please try to make your passwords “strong”, but we’ll accept “good” passwords too. It makes it a bit harder to change your password but the extra effort is worth it.

We’re using this code by Phiras. Thank you Phiras for making it available! I’m going to integrate this into WPMU soon as strong passwords are so important for site security.

Wow! It’s ages since I’ve made a post about a new feature here. There’s a good reason for that. My wonderful son Adam was born on April 21st and had a small bit to do with my lack of updates. I’m working on a few more things now so I’ll be back to blog about more goodies soon!


Missing out on the latest WordPress.com developments? Enter your email below to receive future announcements direct to your inbox. An email confirmation will be sent before you will start receiving notifications - please check your spam folder if you don't receive this.

Join 15,096,584 other followers

Donncha

116 Comments

Comments are closed.

  1. cotojo

    Congratulations Donncha on the birth of your son.
    Passwords need to be strong and there are many places where you can generate good passwords then store them using http://www.clipperz.com or http://www.roboform.com. It’s also a good idea to change them now and again, just to thwart those that will persist in trying to hack them.

    It’s great to see a p/w checker on site, nice one. Keep up the great work.

  2. elgatosinbotas

    congratulations, lindo chico! :)

  3. imlocation

    I would like to know how secure and usable a passphrase is compared to a password. It’s easy to remember a phrase, even a nonsensical one (especially if it’s funny). The phrase “it’s 2007 where is my flying car?” is very easy to remember, and yet I is very difficult to brute force — googeling it gives results (2) as a search for “a7f834″. But the phrase is infinitely easier to remember.

    The biggest two downsides of passphrases I can think of is that:
    a) they take longer to enter — but an extra half-seconds of typing every day is less frustrating then an extra 30 seconds of trying to remember a password every week.
    b) Since they are longer, there is a greater chance of typos — but i think it would be possible to autocorrect for common typos (teh –> the, and so forth). It is 2007 after-all, we may not have flying cars, but we have computers that can recognize a simple phrase.

  4. eb1024

    I’ve ported this code to PHP, if a server side check is also necessary.

    Source code at http://www.alixaxel.com/wordpress/2007/06/09/php-password-strength-algorithm/

  5. satishbhasin123

    decent add.
    i also feel comfortable with a strong password.

  6. Karen

    Congratulations on the birth of your son and my appreciation for your continued improvement of WordPress.com

  7. Pingback: How Strong is YOUR Password? at Incoherent Babble
  8. Khloud

    Congrats on the birth of Adam. & Thank you for the update :)

  9. EscRiBiTioNiSt*

    Hehe.. mine is STRONG :p

  10. joe345

    My password can bench press 1000lbs!!!

  11. josejavaho

    Roboform password generator rocks….. Iife can be simple if you use good tools..
    Jose

  12. Riou Himeko

    My password is strong. I even make mistakes (a lot of mistakes) when typing it. Haha! :P

  13. Elaheh

    I rented my upper floor “Brain” long time ago so I try to use same password and yes its strong. :P

  14. cheezburger

    How about — REALLY STRONG. ;)

  15. lektorka

    My password is strong.

  16. Pingback: Bad Security 101 « Pat’s Daily Grind
Follow

Get every new post delivered to your Inbox.

Join 15,096,584 other followers

%d bloggers like this: