WordPress.com Password Strength
Author: Dave Lewis
I was poking around WordPress.com today. When creating an account I noticed something interesting. The password strength meter gave me a “good” rating for the password of….”password”. This was odd as just below the field to enter the password was this text “Use upper and lower case characters, numbers and symbols like !”£$%^&( in your password.”
OK, so then I thought what would it take to make the strength meter give me a strong rating?
OK, this is not encouraging. The password was set to “password123″ and it gave me a strong rating. So, I then I tried another example. I decided to enter characters in sequence until I got a strong. I entered “abcdefghijklm”. Once I got to “m” I received a rating of strong.
Don’t get me wrong, I am a huge proponent of WordPress but, this sort of password strength testing leaves an unfortunate sense of security with users.
Tags: Wordpress Password Validation, Password Security, Wordpress Security
