The passive aggressive password strength meter

Graham Cluley

We’re all familiar with websites that try to help you choose a stronger password – grading it weak, average or strong.

By the way, they’re not always great judges of whether a password is really strong or not.

For instance, some password strength checkers consider any password with more than X number of characters to be strong, even if they are the same character repeated over-and-over again, or even if the password is 1234567890.

Sign up to our newsletter
Security news, advice, and tips.

And some of the password strength checkers built into websites won’t check if your password is an obvious common choice like passw0rd.

Hopefully, by now, you have recognised that it’s better to get a password management utility like 1Password, KeePass or LastPass to generate random, complex passwords for you… and then remember them securely, so you don’t have to.

If you have configured those tools properly, you should never again experience a website being rude about the quality of your password.

But, if you hanker for the old days, you might like this.

PaP is The Passive Aggressive Password Machine, a neat website created by New York-based web designers Tim Holman and Tobias van Schneider.

What I liked about PaP is its caustic collection of putdowns which will happily insult the quality of your passwords until the cows come home.

Obviously, I don’t recommend entering your real passwords onto the site – but it is a bit of fun.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

6 comments on “The passive aggressive password strength meter”

  1. Well really – if they're going to make unkind comments about people's passwords, the least they can do is spell them correctly. I'm frankly disstressed, dissmayed, and more than a little disstraught.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.