This project has moved and is read-only. For the latest updates, please go here.
9
Vote

Guide users toward high-strength passwords

description

The vast majority of the cases in which attackers have succeeded against TrueCrypt have been directly attributable to weak password choices. At present VeraCrypt only looks at the length of the user's proposed passphrase and issues a warning if the length is less than 20 characters.

High-quality open source UniCode-enabled password strength checking software already exists in several languages - see http://danpalmer.me/jquery-complexify/ - and VeraCrypt could easily incorporate all of that existing code. This would enable VeraCrypt to much more accurately assess the strength of the user's proposed password and then provide password selection assistance in order to help guide the user toward the strongest password that the user is willing to provide.

comments

algreider8 wrote Jan 16, 2015 at 6:25 AM

Great idea, commenter8!
100% agreed.