[wp-trac] [WordPress Trac] #36287: Password strength meter unreliable
WordPress Trac
noreply at wordpress.org
Mon Mar 21 20:19:52 UTC 2016
#36287: Password strength meter unreliable
--------------------------+------------------------------
Reporter: n13design | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.4.2
Severity: normal | Resolution:
Keywords: close | Focuses:
--------------------------+------------------------------
Changes (by johnbillion):
* keywords: => close
Comment:
Hi @n13design, welcome to WordPress Trac!
Replying to [ticket:36287 n13design]:
> Is there a way to adjust the settings for the password strength?
That would somewhat defeat the entire purpose if what constituted "strong"
could be altered. A weak password is still weak even if you change the UI
so it tells you it's strong. A seven character password is not considered
strong due to its short length.
Note that WordPress' password strength meter uses
[https://github.com/dropbox/zxcvbn the zxcvbn library] from Dropbox, which
is well trusted. You may want to take a read through
[https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-
strength-estimation/ the announcement post for zxcvbn] for more details.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36287#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list