My PHP Password Security Checker!

Well I don't know how many people here at tf will find this useful as there aren't that many phpers. But anyway, this is a script that can be implemented into register pages, here goes!

Well the other day I say that MSN's hotmail sign up had a password security script (Done in Javascript) So I thought i'd have a go at a PHP version!
Currently I don't have anywhere to host it but it's free for you all to view:


This is the Error page,
Any major faults in the chosen password will show up as a list of what they've done wrong.
(These include: Not atleast 6 chars, Not matching passes, Not alphanumeric).


This is the "Easy". If it's a most basic password with little amount of characters it shows up as easy.

Link
This is the "Medium". When a password is fairly safe to use and fairly hard to guess, beyond this wouldn't be worh it unless you want to keep things very important away from prying eyes...

Link
This is "Strong". This means the password is long, involves several letters (Capitals and small letters) and several numbers. One thing to note is I havn't allowed anything but alphanumerics.


Now to the code!
index.php
The index includes the form and an iframe (Too much effort to reload a whole page!)
Both form and iframe are in a table to align next to eachother for neatness .

The Inline frame (where the magic happens):
check.php - with comments .
I'd like to thank bfsog, for advice during a little regex dilemma.
I'd upload a working version but neither of my hosts are working ><. Anyone who wants to upload a working version may do so, and link here!

PS: Works on PHP5, untested on PHP4 or less.

Would I be able to integrate this into vB and include complete credit for you in the code on release?

I've no history with vB so I honestly Don't know (I would like to hope so).

Perhaps someone here that knows more about vB will be able to answer..

Originally Posted by sketchie I've no history with vB so I honestly Don't know (I would like to hope so). Perhaps someone here that knows more about vB will be able to answer..

No Sorry - I said, would you be offended if I integrated it into the vB registration page, and gave you full credit for the code?

Oh! I missunderstood silly me.


Of course you can! the code is open to anyone, It would be nice if you gave me credit, thanks for asking .

Quick question though, do you know how to get a form to work inside a form?

I just had ago at trying it (because the code above requires a seperate form) and you would need a form for the actual registration..

sketchie, this is pretty cool. I am going to try to incorporate it in to one of my sites for sure. One problem I encountered though. It doesnt allow for the use of anything except numbers and letters. Now I regularly use other characters like @&-) etc to really harden my passwords. Having these in your script is a must IMO.

Good job so far!

Thanks woof ,

I know, I'm thinking of updating it to allow a few other characters, say:
#~-@[]:£%^.

There are a few characters I don't want to include as they may mess a few things up (eg: ' ").

I may have a look into updating it tomorrow

oh one more thing. Since it isnt actually in an actual password form, is it possible to have only one entry field. I can see putting this on a signup page as a tool to pretest someones password but I dont think double entry would be necessary in that usage.

Originally Posted by sketchie Thanks woof , I know, I'm thinking of updating it to allow a few other characters, say: #~-@[]:£%^. There are a few characters I don't want to include as they may mess a few things up (eg: ' ")

At least add those across the number keys at the top.

Originally Posted by Woof oh one more thing. Since it isnt actually in an actual password form, is it possible to have only one entry field. I can see putting this on a signup page as a tool to pretest someones password but I dont think double entry would be necessary in that usage.

It could be used in the registration (there for needing two entries), either that or in a pop up window I guess.