There are new requirements for passwords. This new approach bases Password strength on its ability and timeframe to be cracked -- ranging from 'instantly' to 'centuries'. This zxcvbn methodology is a password strength estimator inspired by password crackers. Through pattern matching and conservative estimation, it recognizes and weighs:
- 30k common passwords
- common names and surnames according to US census data
- popular English words from Wikipedia
- US television and movies
- other common patterns like dates
- repeats (aaa)
- sequences (abcd)
- keyboard patterns (qwertyuiop)
- and l33t speak.
For a level 5 password that is EASY to remember but HARD to crack, we recommend:
- Decide on a phrase that is easily remembered.
- Use one letter from each word, mixing Upper and Lowercase.
- Example phrase: "I love Physical Therapy in the morning, all day long"
- That becomes the password: IlPTitm,adl
- Example phrase: "Wow I love my EMR; it's great!"
- That becomes the password: WIlmEMR;ig!