Implement Dropbox's (zxcvbn) password strength library
Please consider implementing Dropbox's password strength library in future versions of plesk. https://github.com/dropbox/zxcvbn
Right now (Plesk Onyx Version 17.8.11) very secure passwords such as applaud-bisque-batch-forefoot won't even pass the "medium" filter, and very bad passwords such as Pa$$word123 are marked "Strong".
Brute force cracking continues to get more sophisticated and the current strength ratings are misleading.
Thank you for your input! We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IG
-
Plesk Tech Support commented
Please make sure to use inputs to zxcvbn library in order to gauge password strength. I believe you should put everything from client and domain info into userInput, eg domain name, mailbox name etc. That way it'd better mark unsafe passwords as unsafe.
-
Peter Wise commented
An accompanying feature to choose the style and length of autogenerated passwords would also be fantastic. So when you click the "Generate" button you could get something like these depending on your settings:
"words: 4" - applaud-bisque-batch-forefoot
"letters and numbers: 20" - Qtaguzw2zku3zTksc4ED
"letters, numbers, characters: 12" - #iD=7g3DJ9UNSee the password generator in 1Password for inspiration...
-
Peter Wise commented
Please consider implementing Dropbox's password strength library in future versions of plesk. https://github.com/dropbox/zxcvbn
Right now (Plesk Onyx Version 17.8.11) very secure passwords such as applaud-bisque-batch-forefoot won't even pass the "medium" filter, and very bad passwords such as Pa$$word123 are marked "Strong".
Brute force cracking continues to get more sophisticated and the current strength ratings are misleading.