Page MenuHome GnuPG

Update the password checking algorithm
Open, LowPublic

Description

Following the advice of the xkcd comic, I suggest tho following change to the
password checking algorithm:

Check if it is a wordy password, if so, use my proposed algorithm:

Check that there are at least four words greater than 5 characters in length.
Otherwise, reject the password

Reference:
XKCD "Password Strength" <URL: https://www.xkcd.com/936/ >

Not sure whether to consider this warning against a four word, secure password a bug, or the fix a 'feature' so I put both.