Are You Using a Strong Password

One of the discussions that take place which I talk about Internet and computer safety is what makes a good password. Things I talk about are length of the password, mixing upper and lower case letters and including non-alphabetic characters. I found a couple of resources that talk about this issue at some length. There is an interactive website that rates your password that I found first. The page looks (in part) like this:


This is useful and the page also has some information about how the scores are calculated. From there I found a detailed page explaining what is and is not a strong password. It’s called Strong Passwords: How to create and use them. As I read through these pages it occurred to me that testing the strength of a password would make a good coding project. There are some complications to this though. How do you determine if a string has both upper and lower case characters for example? You could uppercase the whole string and compare the result to the original string I guess. Or you could scan each letter and note if a character is upper can or lower case and at the end see if you have found both types. Determining if a character is not a letter, a number or a special character, is similarly “interesting.” Testing for length is fairly straight forward though.

At the end of it all a programmer has to use what is and is not found to show a result somehow. I have started with this in a simple Visual Basic program. This screenshot shows the work in progress.


I used a progress bar object to show the line between the password that was entered and the label box that shows the grade in words. The textbox where the password is entered has the password character property set so that the password is not displayed For debugging purposes I also created a list box where I show the characteristics that I used to set the score. This could be a lot more fancy or detailed but it could also be done away with completely.

I used a lot of Boolean variables in my version. I’m still not sure if that was the best way of doing things. I was also thinking about using a status word where I set or reset bits depending on results. That would also change the way I evaluate the status for display. I imagine there are all sorts of creative ways this could be done though. That is why I think I like the idea of this as a class project – it gives students a chance at some real problem solving creativity. Of course a teacher could mandate either flag variables or a status word/value of some sort depending on teaching goals.

I’m going to keep up on this to see if I can write it up as a good project. But I thought I would show it in the blog to get some feedback and suggestions. So let me have it.