Customer interface

• The mod adds a password strength indicator below the password field.  This box changes the state to show the results of the password strength on entry of the first password box.  This status is not affected by the password repeat in the second box.
• The status displays both text and a color when states are changed from no password entered to either a bad, good or strong password.  These colors can be changed via CSS.
• If the password entered is deleted this status will return to the default of  'TooShortPassword'.
• All text used in the customer interface is editable in language variables.

Admin interface

In the Security section there is a new area called 'Password Meter feature options' that contains:

• The checkbox "Enable PasswordMeter script at the register page"
• Select box to submit threshold for GoodPassword (provides selection from range between 1 and 50 points)
• Select box to submit threshold for StrongPassword (provides selection from range between 51 and 99 points)
• The checkbox "Do not allow submit of register form if the password is not good". When unchecked, customers will be just informed that their passwords are weak,  but they will be allowed to submit weak passwords.
• The checkbox "Display scores explanation to the customer"
• Text explaining the algorithm (this is quite long and therefore can be expanded/contracted)

Algorithm

The password score is based on the following conditions:

• If the password matches the username then BadPassword
• If the password is less than 4 characters then TooShortPassword
• Score += password length * 4
• Score -= repeated characters in the password ( 1 char repetition )
• Score -= repeated characters in the password ( 2 char repetition )
• Score -= repeated characters in the password ( 3 char repetition )
• Score -= repeated characters in the password ( 4 char repetition )
• If the password has 3 numbers then score += 5
• If the password has 2 special characters then score += 5
• If the password has upper and lower character then score += 10
• If the password has numbers and characters then score += 15
• If the password has numbers and special characters then score += 15
• If the password has special characters and characters then score += 15
• If the password is only characters then score -= 10
• If the password is only numbers then score -= 10

• If score > 100 then score = 100

The admin can edit three score thresholds in the admin area that will decide the strength of the password

• If 0 < score < 34 then BadPassword
• If 34 < score < 68 then GoodPassword
• If 68 < score < 100 then StrongPassword