2014-08-02_10-15-15 password1

We got several feature requests around passwords, management of passwords, handling of credentials, etc. Some features required a bit of thinking and research on how to implement them. Two very popular feature requests around credential management were:

  • A password strength indicator
  • A password generator

With Royal TS (for Windows) V3 and Royal TSX (for OS X) V2 just around the corner, we thought we give it a spin and implement those two popular feature requests:

Password Strength

It turned out that measuring password strength isn’t as easy as initially thought. Of course a simple algorithm checking for length and occurrence of certain characters may be sufficient but what about passwords containing words or names which are well known in dictionaries? We found an interesting approach on the dropbox blog: https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/

The above blog entry does a great job explaining the issue with password strength estimation and offers a great open source solution: zxcvbn

zxcvbn named after a crappy password, is a password strength estimation library. Use it to implement a custom strength bar!

zxcvbn attempts to give sound password advice through pattern matching and conservative entropy calculations. It finds 10k common passwords, common American names and surnames, common English words, and common patterns like dates, repeats (aaa), sequences (abcd), and QWERTY patterns

We have implemented zxcvbn and decided to show the strength of the password wherever you have to enter or edit one. This way we can constantly bring the complexity and strength of the used password to your attention.

2014-08-02_10-19-09 password2
rtsx_bad
2014-08-02_10-20-46 password3
rtsx_better
2014-08-02_10-21-25 password4
rtsx_muchbetter

Password Generator

You probably know the situation: signing up for a web site, creating a new user for a remote system, etc. but what password should I use?

Well, in most cases you do not really care about the password as long as it is complex enough. Managing multiple passwords is a challenge and credential management – such as you can find in Royal TS/X – is key. You always need to remember the one “master password”. Besides complexity, the golden rule of credential management is to not reuse passwords.

To make it quick, easy and safe to create new passwords, we tightly integrated a password generator which is available on all password fields that can store a password.

2014-08-02_10-22-21 password5
rtsx_generator

Copy to Clipboard

As you may have seen in the Royal TS (for Windows) screenshots, next to the already well known show/hide password button, we implemented a new one which allows you to quickly copy the password to the clipboard using a single click.

There are still a couple of things on our roadmap. Stay tuned and subscribe to our blog to get the latest news…

Previous Post Next Post