Last modified: 2007-05-08 00:33:02 UTC
MediaWiki should, upon first logon, grab an existing user's password, and give
it some sort of rating based on password strength (vulnerability to dictionary
attacks, lowercase, uppercase, numbers, special characters, etc.) If an
administrator has a low password rating, it should give them a stern warning
that they should change their password immediately.
At the change password screen in "my preferences", a password meter, similar to
Gmail's (visit gmail.com, click "Sign up for Gmail", and type a password into
the form) should trigger, forcing a minimum password length, and showing a user
their password strength.
This meter would also show up upon the creation of a new account.
Ideally, this option, and things like minimum password length, rating at which
an admin is warned that their password is weak, etc., would be site-configurable
via the config file.
*** This bug has been marked as a duplicate of 3348 ***