

Zxcvbn: realistic password strength estimation - vvoyer
https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html

======
vvoyer
Related:

\- XKCD password strength: [http://xkcd.com/936/](http://xkcd.com/936/)

\- XKCD style password generator:
[http://correcthorsebatterystaple.net/](http://correcthorsebatterystaple.net/)

#YOLOSECURITY

~~~
sarciszewski
correcthorsebatterystaple.net uses Math.random()... :'(

This is a Diceware implementation that uses window.crypto:

[https://github.com/resonantcore/lib/blob/master/js/diceware/...](https://github.com/resonantcore/lib/blob/master/js/diceware/diceware.js)

~~~
vvoyer
correcthorsebatterystaple.net is open source, submit a patch that would be
awesome
[https://github.com/jvdl/CorrectHorseBatteryStaple](https://github.com/jvdl/CorrectHorseBatteryStaple)

~~~
sarciszewski
[https://github.com/jvdl/CorrectHorseBatteryStaple/pull/2](https://github.com/jvdl/CorrectHorseBatteryStaple/pull/2)

Done :)

------
V-2
kurwa265555 (that's a swear word, sorry ;) ) takes "centuries" to crack, but
kurwa2655555 \- only 74 years.

Adding another 5 boosts it up to 83 years: kurwa26555555

But one more still: kurwa265555555 and it's down to 52 years now...

------
TheLoneWolfling
It doesn't recognize dates before 1900 or after 1999, it seems.

