A Better Password Strength indicator
|Author:||Otto (profile at wordpress.org)|
|WordPress version required:||3.5.1|
|WordPress version tested:||3.7|
|Added to WordPress repository:||15-04-2013|
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Click to start download
Note: WordPress 3.7 now includes the zxcvbn library itself. This plugin will do nothing at all on WordPress 3.7+ installations.
WordPress has a built-in indicator of "password strength". This indicator is limited in its ability to properly show what is a "good" vs. a "bad" password.
In 2012, Dropbox came up with a library called "zxcvbn", which is a password strength indicator that takes a lot more possible attacks into account, including dictionary attacks. This is an implementation of that library as a WordPress plugin.
There is no interface or options screen for this plugin. Simply activate it and the normal password strength indicators in WordPress will now use the Zxcvbn library instead. You'll notice that it is much more difficult to get a "green" color in those indicators now, since dictionary based words will get recognized by the underlying checks.
More information on the Zxcvbn library can be found here:
Note: The Zxcvbn library is licensed under the BSD license. See the LICENSE.txt for more information on licensing.