Why you STILL can't trust password strength meters
by Mark Stockley
I'm worried about password strength meters.
In March 2015 I tested five popular password strength meters in a simple experiment that was designed to show if they could actually spot weak passwords. They all failed.
It's been almost eighteen months since my original test and during that time password cracking has moved on, authentication standards have moved on and password best practice has moved on.
I wondered if password strength meters had too.
formatting link