Password Previewing Tool version 2.0

I've decided I may futz forever with the new and improved password previewing tool, so I'm releasing it for feedback.

New features:

  • Checks for hard to type letter combinations like "ere".
  • Checks for silly passwords like "password", "bosco", phone numbers, social security numbers, birth dates, famous people, sports teams, and the most common people's names (john & mary, etc.).
  • Checks against a list of the 2000 or so most often used passwords.
  • Allows you to change the length of the password field. This will also change the maximum number of allowed characters to match.

And now, without further ado, here is the new and improved password previewing tool. Feedback welcome, especially on its usability and any silly passwords you punch in that it does not recognize.

Compatibility notes: Tested on IE6, Netscape 6 (Phoenix). Does NOT work with Netscape 4. If you don't know what that means, you're probably fine, just give it a try.

Posted by Chad Lundgren on Friday, November 15, 2002

Comments

Posted by Rotwang Wednesday, November 20, 2002 at 09:26 AM

It let me use the password "zenhaiku." I would not be surprised if some people use a web site's name as their password, because it can be so difficult to remember the passwords of all the sites they visit.

I'd check the password against words contained in the domain name.

Posted by Chad Lundgren Wednesday, November 20, 2002 at 03:24 PM

That's an excellent suggestion. I made two changes in response to your suggestion, and a third because of something I ran across:

1. I added a list of top Internet sites, like aol.com, google.com, zenhaiku.com, etc., to the list of well-known stuff you should avoid for password usage (Hey, zenhaiku is a well-known site to *me*).

2. I added a check for domain name and IP address patterns. This also catches email addresses. Like most of the checks, this does not rule out another match, so joe@aol.com will result in two hits.

3. I added a check that asks you if you meant to make your password all upper case, not including white space or numbers. This after I punched in a password all upper case without noticing.

Thanks for the feedback!
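
The checks discussed in the comments above, sketched as an added JavaScript example (not the tool's own code). The function names, hit labels, regular expressions and the tiny lists are assumptions; the list entries are samples taken from the post.

```javascript
// Constructed sample data; the real tool uses much longer lists.
const WELL_KNOWN_SITES = ["aol.com", "google.com", "zenhaiku.com"];
const COMMON_PASSWORDS = ["password", "bosco"];

// One or more dot-separated labels followed by an alphabetic TLD.
// Because it is unanchored, it also fires on the host part of an email address.
const DOMAIN_RE = /\b(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}\b/i;
const IPV4_RE = /\b(?:\d{1,3}\.){3}\d{1,3}\b/;

function looksLikeIPv4(text) {
  const m = text.match(IPV4_RE);
  // Reject dotted quads with an octet above 255 (e.g. "999.1.1.1").
  return m !== null && m[0].split(".").every((octet) => Number(octet) <= 255);
}

function isAllUpperCase(text) {
  // Whitespace and digits are ignored, as described in the reply.
  const rest = text.replace(/[\s\d]/g, "");
  return /[A-Z]/.test(rest) && !/[a-z]/.test(rest);
}

// Runs every check; one match never suppresses another,
// so a single password can produce several hits.
function checkPassword(password) {
  const hits = [];
  const lower = password.toLowerCase();

  if (COMMON_PASSWORDS.includes(lower)) hits.push("common-password");

  // Match the full site name anywhere, or the bare name ("zenhaiku") exactly.
  const siteHit = WELL_KNOWN_SITES.some(
    (site) => lower.includes(site) || lower === site.split(".")[0]
  );
  if (siteHit) hits.push("well-known-site");

  if (DOMAIN_RE.test(password)) hits.push("domain-pattern");
  if (looksLikeIPv4(password)) hits.push("ip-pattern");
  if (isAllUpperCase(password)) hits.push("all-uppercase");

  return hits;
}
```
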