Hacker News new | past | comments | ask | show | jobs | submit login

Could you clarify?

Is the algorithm deficient?

To me that looks like code that indeed checks the strength, so I must be missing something.

It checks the length of a password, along with an arbitrary scalar for repeated characters. It does not do any entropy calculations.

The writer of that code at least needs to read https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpubli... one more time.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact