View Full Version : secure password system

08-28-2006, 04:59 AM
My idea is to create a safety system that indicates the safety of the password. I have a field in a form called PASSWORD and I want that if the person writes only letters by means of a document.write there appears a phrase that says: easy password. If more than 8 letters appear: medium password. And if writes letters and numbers appear: high password.

Need help. Regards

08-28-2006, 06:49 AM
You don't have very strict standards. What about mixing uppercase and lowercase letters and using symbols?

8 characters is not a very long password.

This might be helpful to you. (http://www.webdeveloper.com/forum/showthread.php?t=85117)

Philip M
08-28-2006, 07:46 AM
if (/\d{2.}/.test(password.value)) && (/\D{2.}/.test(password.value)) &&(password.value.length > 8) {
alert ("Fairly secure password over 8 characters containing at least 2 letters and at least 2 digits");
if (password.value.length > 8) {
alert ("Medium strength password over 8 characters");
else {
alert ("The password is too simple and rather insecure");

I doubt if urgido requires Fort Knox levels of password security. Like any other form
of security the strength should be geared to the threat and the consequences if
the password is breached. For most purposes 8 mixed characters (not being a word of the language)
ought to suffice. My password for this forum is 7 letters/digits (a once-owned car registration number). I'll bet a good many on-line banking customers chosen weaker passwords that that! (Wife's name, dog's name, whatever). And passwords such as Eb76hDL7y cannot be remembered and mustr inevitably be written down on a Post-It note attached to the screen :<).

IMHO the simplest and most effective passwords are made of two unrelated words joined with a digit(s):
e.g purple77starling.

08-28-2006, 07:58 AM
function pwd_strength($pwd)
$result = 0; # intialize to weakest
$result += round(strlen($pwd) / 10);
foreach(array("a-z", "A-Z", "0-9", "^a-zA-Z0-9") as $chars)
if(preg_match("/[$chars]/", $pwd))
$result += 1;
return(min($result, 6));
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang='en'>
<META HTTP-EQUIV='Content-Type' CONTENT='text/html; charset=ISO-8859-1'>
<title>Password Validation</title>
<style type="text/css">
body {
font: medium arial, helvetica, sans-serif;
margin: 0;
padding: 1em 10%;
div {
height: 20px;
margin: 5px 0;
padding: 0;
border: solid 1px #333;
#str0, #str1 {
width: 12%;
background-color: #f00;
#str2 {
width: 24%;
background-color: #c30;
#str3 {
width: 36%;
background-color: #963;
#str4 {
width: 48%;
background-color: #693;
#str5 {
width: 60%;
background-color: #3c0;
#str6 {
width: 72%;
background-color: #0f0;
#rating {
width: 72%;
padding: 0;
margin: 0;
border: none;
height: auto;

<h1>Password Strength Rating</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>Password: <input type="password" name="password" size="16" maxlength="16">
<input type="submit" name="submit" value="Rate Password"></p>
$strength = pwd_strength($_POST['password']);
echo "<p>Password strength (1 = very weak, 6 = very strong): ".
echo "<div id='str$strength'></div>";
echo "<div id='rating'><p style='float: left'>Weak</p>";
echo "<p style='float: right'>Strong</p></div>\n";

This looks very nice but How about validate this when the user is writing in the input box? Regards