id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc
21737,"Users should have to jump through hoops to set passwords of their choosing, and we should guard better against weak passwords",markjaquith,westi,"People are terrible at choosing secure, unique, complex, unguessable passwords. Unless someone is using a password storage system, the chances are good that the passwords they're choosing are really weak.

We can mitigate this problem.

1. Let's make the default to always be that WordPress picks a password for you. When installing WordPress, or when creating a new user account, or when changing your password on your profile. The default should be that we generate a secure password for the user. They can remember it, write it down (not ideal, but generally more secure than choosing a weak password), or copy and use it once, check the ""remember me"" box, and not worry about it until their cookie expires on that computer.

2. If they do opt to manually create a password, we need to do better than our current password strength meter. And the lowest level should actually nag them with an AYS before they proceed. I suggest the following, to start, which would trigger the lowest level, and cause them to have to dismiss a warning (or check a checkbox... UI TBD) before continuing:

* compare the strtolower'd version of their password to strtolower'd versions of all their info (username, first/last name, part of e-mail address before the @, etc).
* any password that is shorter than 8 characters
* a blacklist of popular passwords (these lists are available... even grabbing the top 100 would give use good coverage)
* 3 or more consecutive digits (""123456"" and company are very popular)
* anything that looks like a date",feature request,accepted,normal,Awaiting Review,Security,,normal,,,xoodrew@… bananastalktome@… danielc@… info@… daryl@… manishkrag@… DeanMarkTaylor cbraddoss ian_dunn@… ipstenu@… erick@… brad@… chris@…