Agreed 100% Speed is the main reason I didn't include dictionary tests. But if Shiro made this stuff easy and fast, I certainly would have!
Tauren On Feb 16, 2011 8:02 AM, "Les Hazlewood" <[email protected]> wrote: > Nice! Thanks for the pointers Tauren. > > It's good that they have dictionary search capability. In my > (cursory) research, this is the only way to have decent strength > verification. You can come up with mathematical models representing # > of combinations of characters and such, but all of the ones I've seen > publicly available at least fail with simple 'L33T'-speak words. > > For example, @dm1nP@sSw0rd! is a 14-character word, almost double the > usual 8 character minimum, and it contains letters, numbers, > punctuation and symbols. However something like this would easily > succumb to a password cracker. > > Something needs to be created that can transform things like this back > to 'real' words, and then run those through a dictionary search. Not > easy stuff when you need to ensure the check is fast... > > Cheers, > > Les
