Are there any off-line applications that score candidate passwords - say by comparing to a dictionary, performing entropy estimates, etc? A numeric score would be better than an "accepted or rejected" test. Users should not be expected to invent new passwords on the spot, and an application that they can run locally from CLI or GUI which scores their attempts would help generate robust passwords. Extra points if the app. can be configured for the common types of password restrictions (i.e., punctuation chars forbidden vs. punctuation chars mandatory), or can coach users into generating (and remembering!) strong passwords. But I'll take what I can get. The current practice of demanding and testing passwords for immediate need is insecure and inhumane, and "yes/no" acceptability testing is fascist and uninformative. There must be a better way. Keith -- Keith Lofstrom keithl@xxxxxxxxxx Voice (503)-520-1993 KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon" Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
