We have a client that requires the password complexity to not be so strong. This has probably been suggested before, but could there be the option for each rule with a series of tick boxes?
- Minimum length (customizable)
- Doesn't match blog info
- Doesn't match user data
- Must either have numbers, punctuation, upper and lower case characters or be very long. Note: alphabets with only one case (e.g. Arabic, Hebrew, etc.) are automatically exempted from the upper/lower case requirement.
- Non-sequential codepoints
- Non-sequential keystrokes (custom sequence files can be added)
- Not in the password dictionary files you've provided (if any)
- Decodes "leet" speak
- The password/phrase is not found by the dict dictionary program (if available)
I would expect this would be a welcomed feature and would also mean we wouldn't need to look for an alternative solution.