Video Screencast Help
Security Community Blog

Test your password : Microsoft password checker

Created: 26 Apr 2010 • Updated: 25 Aug 2010 • 8 comments
riva11's picture
+9 11 Votes
Login to vote

If you are interesting in testing how strong is your password try  Check your password  ( Microsoft Online Safety ). 
A strong password is extremely import to safe all your information and should be include numbers, symbols, upper and lowercase letters in passwords, also avoid any password based on repetition, dictionary words, letter or number sequences.

Link : Check your password

Read also : RandomKeyGen , online password generator

Comments 8 CommentsJump to latest comment

riva11's picture

The  How secure is mypassword   website works estimating a brute force attack.

How It Works

It's just a bit of simple maths:

(number of possible characters to the power of length of the password) divided by calculations per second

+5
Login to vote
Ian_C.'s picture

Thank you for sharing.

Since their release of this tool and before that the strength checker used for Hotmail / Live accounts has always felt lacking. With any long word, you get the strong grading. Google version is only slightly better.

The site howsecureismypassword.net' look very nice and explains it easily. My personal preference has always been http://www.passwordmeter.com/. They provide the source code that you can download and run manually. Why, you might ask? Just like Googles search bar, every keystroke you input could be recorded by the owner of the website, improving the attacks of the bad guys.

Unfortunately, they all seem to measure different criteria. This one only shows the time required, but that time is way different to howsecureismypassword.net

Bonus points for those noticing that all three sites use normal HTTP instead of HTTPS to encrypt your key strokes.

Please mark the post that best solves your problem as the answer to this thread.
+1
Login to vote
bwalker's picture

It's not exactly that case. Google Search bar does transfer the data you type there, these tools do not. This means it is not important whether you use HTTP or HTTPS, your password is checked only within the process of your browser using Javascript. In my opinion this password checker is the best. Besides brute-force calculations it can check your password against dictionary words including some mutations and chaining. As we are talking about HTTP and HTTPS, this one also do not send your password to the server for brute-force analyzes, but does so when you want to use that dictionary check. Instead of HTTPS, an encryption is being used to hide your password from sniffing attackers. However, it is mentioned there that this is prone to MITM attacks and thus less secure than HTTPS. It would be better if it used HTTPS.

+1
Login to vote
deepak.vasudevan's picture

I would recommend Google Account Password Meter which is more comprehensive:

https://www.google.com/accounts/NewAccount?continu...

+1
Login to vote
mb773's picture

Hi riva11, thank you for share these links.

+7
Login to vote
rs_cert's picture

This link is very nice dear. Specally "How secure is mypassword".

+1
Login to vote
Ambesh_444's picture

Good one dear.

Thank u for sharing KB's....

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

-3
Login to vote