Password scoring application wanted

[Les Mikesell]

On Thu, 2005-04-21 at 21:10, Joel wrote:

> And extra points if it prevents use of passwords too close to the
> previous password(s),

Doesn't that require keeping a copy of the password in a form
that can be decrypted?  That seems much more dangerous than
the chance of the next one being somewhat similar.

> Why does the concept bug me? Why do I think that if it's machine
> generated and easy to memorize it's going to be easy to brute force?

If computers can't do things better than you would yourself, why
are we bothering to use them?

> Anyway, helping the user at least set a password other than the typical
> "password" sort of password will be sort of an improvement, at least for
> a little while.

It's hard to reconcile this comment with the previous one that
implied that the user would do a better job than pwgen...

-- 
  Les Mikesell
   les at futuresource.com