We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Checking password strength error

clonmelog
clonmelog asked
on
Medium Priority
433 Views
Last Modified: 2012-05-05
Hi,

Im using a script that i found at http://www.geekwisdom.com/dyn/passwdmeter to check passwords and how strong they are against the specified rules. Im currently trying to implement it here: http://www.templateit.net/register.php but im getting errors when i try to do it. I cant spot why the error is occuring because it works fine for me on a plain html form and ive just copied over the same code. any ideas?

heres the form code, the js file is available from the above link.

<script type="text/javascript" src="javascript/passwordmeter.js"></script>
<h1 class="HedingText">Register</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td width="124"><div align="left" class="style3">Username*:</div></td><td width="415">
  <div align="left">
    <input type="text" name="uname" maxlength="40"><?=$uname_error?>
  </div></td></tr>
<tr><td><div align="left" class="style3">Password*:</div></td><td>
<input type="password" name="passwd" maxlength="50" onKeyUp="testPassword(document.forms.passwordForm.passwd.value)">
<?=$passwd_error?>Password Strength:
<input name="score" size="3" type="text"> &nbsp; Strength verdict: <input name="verdict" size="15" type="text">
</td></tr>
</form>
Comment
Watch Question

Commented:
Hi clonmelog,

Your form does not have a name.  Based on your code it should be named "passwordForm"

Also I don't know if I'd use the onKeyUp method for this.  I would think onBlur would be more appropriate, but since I don't know exactly what the function is doing I can't say that for sure.

Hope this helps,
Neal.
ZvonkoSystems architect
CERTIFIED EXPERT
Top Expert 2006

Commented:
Change this:

<input type="password" name="passwd" maxlength="50" onKeyUp="testPassword(document.forms.passwordForm.passwd.value)">

To this:

<input type="password" name="passwd" maxlength="50" onKeyUp="testPassword(this.value)">

Systems architect
CERTIFIED EXPERT
Top Expert 2006
Commented:
Change it to this:

<input type="password" name="passwd" maxlength="50" onKeyUp="testPassword(this)">

And change your script like this:

function testPassword(theField){
  var theForm = theField.form;
  var password = theForm.passwd.value;
            var intScore   = 0
            var strVerdict = "weak"
            var strLog     = ""
            
            // PASSWORD LENGTH
            if (password.length<5)                         // length 4 or less
            {
                  intScore = (intScore+3)
                  strLog   = strLog + "3 points for length (" + password.length + ")\n"
            }
            else if (password.length>4 && password.length<8) // length between 5 and 7
            {
                  intScore = (intScore+6)
                  strLog   = strLog + "6 points for length (" + password.length + ")\n"
            }
            else if (password.length>7 && password.length<16)// length between 8 and 15
            {
                  intScore = (intScore+12)
                  strLog   = strLog + "12 points for length (" + password.length + ")\n"
            }
            else if (password.length>15)                    // length 16 or more
            {
                  intScore = (intScore+18)
                  strLog   = strLog + "18 point for length (" + password.length + ")\n"
            }
            
            
            // LETTERS (Not exactly implemented as dictacted above because of my limited understanding of Regex)
            if (password.match(/[a-z]/))                              // [verified] at least one lower case letter
            {
                  intScore = (intScore+1)
                  strLog   = strLog + "1 point for at least one lower case char\n"
            }
            
            if (password.match(/[A-Z]/))                              // [verified] at least one upper case letter
            {
                  intScore = (intScore+5)
                  strLog   = strLog + "5 points for at least one upper case char\n"
            }
            
            // NUMBERS
            if (password.match(/\d+/))                                 // [verified] at least one number
            {
                  intScore = (intScore+5)
                  strLog   = strLog + "5 points for at least one number\n"
            }
            
            if (password.match(/(.*[0-9].*[0-9].*[0-9])/))             // [verified] at least three numbers
            {
                  intScore = (intScore+5)
                  strLog   = strLog + "5 points for at least three numbers\n"
            }
            
            
            // SPECIAL CHAR
            if (password.match(/.[!,@,#,$,%,^,&,*,?,_,~]/))            // [verified] at least one special character
            {
                  intScore = (intScore+5)
                  strLog   = strLog + "5 points for at least one special char\n"
            }
            
                                                                                                 // [verified] at least two special characters
            if (password.match(/(.*[!,@,#,$,%,^,&,*,?,_,~].*[!,@,#,$,%,^,&,*,?,_,~])/))
            {
                  intScore = (intScore+5)
                  strLog   = strLog + "5 points for at least two special chars\n"
            }
      
            
            // COMBOS
            if (password.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/))        // [verified] both upper and lower case
            {
                  intScore = (intScore+2)
                  strLog   = strLog + "2 combo points for upper and lower letters\n"
            }

            if (password.match(/(\d.*\D)|(\D.*\d)/))                    // [FAILED] both letters and numbers, almost works because an additional character is required
            {
                  intScore = (intScore+2)
                  strLog   = strLog + "2 combo points for letters and numbers\n"
            }
 
                                                                                                  // [verified] letters, numbers, and special characters
            if (password.match(/([a-zA-Z0-9].*[!,@,#,$,%,^,&,*,?,_,~])|([!,@,#,$,%,^,&,*,?,_,~].*[a-zA-Z0-9])/))
            {
                  intScore = (intScore+2)
                  strLog   = strLog + "2 combo points for letters, numbers and special chars\n"
            }
      
      
            if(intScore < 16)
            {
               strVerdict = "very weak"
            }
            else if (intScore > 15 && intScore < 25)
            {
               strVerdict = "weak"
            }
            else if (intScore > 24 && intScore < 35)
            {
               strVerdict = "mediocre"
            }
            else if (intScore > 34 && intScore < 45)
            {
               strVerdict = "strong"
            }
            else
            {
               strVerdict = "stronger"
            }
      
      theForm.score.value = (intScore)
      theForm.verdict.value = (strVerdict)
      //theForm.matchlog.value = (strLog)
      
}

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
with that code i still get an error on the page@:

http://www.templateit.net/register.php
ZvonkoSystems architect
CERTIFIED EXPERT
Top Expert 2006

Commented:
You did not copy the first character from my upper example.
You have this:
************************************************************ */
unction testPassword(theField){

Author

Commented:
Silly mistake, sorry.

thanks for the help, that works great.
ZvonkoSystems architect
CERTIFIED EXPERT
Top Expert 2006

Commented:
You are welcome.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.