To prevent this occurence and also remove dependence on an external service we've implemented a security engine based on , that caters for four password minimum levels Weak, Medium, Strong and Best. Please find below the following stack overflow discussion.minimum password requirments for each level:
http://stackoverflow.com/questions/75057/what-is-the-best-way-to-check-the-strength-of-a-password
So now the rule for providing the 1 to 4 rating is:== Weak Password Minimum Requirements ==
* If > 1) New password and confirm new password must match 2) Length needs to be 8 characters, [[File:bxp_weak_password.png|800px]] == Medium Password Minimum Requirements == 1 point) New password and confirm new password must match * If Upper 2) Length needs to be 8 3) Not contain Spaces 4) Must contain at lease one symbol [[File:bxp_medium_password.png|800px]] == Strong Password Minimum Requirements == 1) New password and lower characters, 1 pointconfirm new password must match 2) Length needs to be 8 3) Not contain Spaces 4) Must contain at lease one symbol * If letters and 5) Must contain at least 1 one number, 6) Must contain at least one Uppercase letter [[File:bxp_strong_password.png|800px]] == Best Password Minimum Requirements == 1 point) New password and confirm new password must match 2) Length needs to be 8 3) Not contain Spaces * If special character, 1 point* If a pass phrase, i.e. longer than 25 characters, instant 4 points) Must contain at lease one symbol 5) Must contain at least one number* If 0 points, then, round up to 1 for 6) Must contain at least one Uppercase letter 7) Not contain the the same character 3 times in a weak passwordrow 8) Must not contain both the first name of the user or the surname of the use [[File:bxp_best_password.png|800px]]
