This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
A brilliant - and also terrible - idea - for discussion only #67
Labels
enhancement
New feature or request
You can continue the conversation there. Go to discussion →
Why it's brilliant
Search the first
n
characters of the password on a search engine.See how many results there are.
That can be like as one of the password scores. (the more results, lower the score)
Why it's terrible
The password will no longer be a secret if you send it to a search engine.
This is probably a showstopper for the idea.
You can limit the damage by only sending half of the password, or the first n words/tokens or whatever.
Inspired by the discussion in #63
The reason I came up with the idea. Is if someone uses a password like
maryhadalittlelambwhosfleecewaswhiteassnow
or whatever, it would likely return a billion search results, even though zxcvbn as is would probably think it's an amazing password.
The text was updated successfully, but these errors were encountered: