On Thu, Apr 21, 2005 at 10:21:02AM -0700, Keith Lofstrom wrote: > > Are there any off-line applications that score candidate passwords > - say by comparing to a dictionary, performing entropy estimates, > etc? A numeric score would be better than an "accepted or rejected" > test. > > Users should not be expected to invent new passwords on the spot, and > an application that they can run locally from CLI or GUI which scores > their attempts would help generate robust passwords. Extra points if > the app. can be configured for the common types of password restrictions > (i.e., punctuation chars forbidden vs. punctuation chars mandatory), > or can coach users into generating (and remembering!) strong passwords. > > But I'll take what I can get. The current practice of demanding and > testing passwords for immediate need is insecure and inhumane, and > "yes/no" acceptability testing is fascist and uninformative. There > must be a better way. > > Keith have you tried pwgen? It's not exactly what you are asking for, but it's designed to create secure password that are still easy to memorize. -- Gunnar vS Kramm San Francisco, CA http://www.thekramms.com gpg public key: http://thekramms.com/keys/gkramm.gpg
