Telerik Forums / UI for ASP.NET AJAX
This is a migrated thread and some comments may be shown as answers.

Password Strength Score

6 Answers 214 Views
Input
This is a migrated thread and some comments may be shown as answers.
rootberg
Top achievements
Rank 2
rootberg asked on 31 Jan 2012, 10:17 PM
Is there a way to get the password strength score on the server side? I know that I could just populate a hidden text box with the score and have is posted back to the server, but I was wondering if there was a more elegant solution.

6 Answers, 1 is accepted

Sort by
0
Accepted
Vasil
Telerik team
answered on 01 Feb 2012, 12:52 PM
Hello rootberg,

The strength score is calculated only ClientSide. So your solution with the hidden field is maybe the clearest and easiest one.

Kind regards,
Vasil
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now
0
Michael
Top achievements
Rank 1
answered on 04 Feb 2013, 10:09 PM
Then what's to stop someone from bypassing a minimum strength requirement by altering the value of the hidden field? Client-side only validation is dangerous business - the values are too easy to manipulate.

0
Vasil
Telerik team
answered on 05 Feb 2013, 09:45 AM
Hello Michael,

This is not validation method of the RadTextBox, it is only indicator, to notify the users if their password is good(safe) enough.

To validate the password you should use asp:CustomValidator or asp:RegularExpressionValidator, or to perform some additional server side validation.

All the best,
Vasil
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
0
liu
Top achievements
Rank 1
Veteran
answered on 07 Jul 2020, 02:06 PM

hello,
how telerik calculate the Strength of password? where i can get info? 
for example telerik pu score 10% what does it mean? like less 10 caractest or there is no uppercase caracters? 
var calculatedScore = args.get_strengthScore(); --> how it get this score?


https://www.telerik.com/forums/password-strength-score
https://docs.telerik.com/devtools/aspnet-ajax/controls/textbox/features/password-strength-checker

<script type="text/javascript">
    function CalculatingStrength(sender, args) {
        if (args.get_passwordText() == "Enter Password") {
            //Manually set strength Score depending on the input text.
            args.set_indicatorText("Custom text");
            args.set_strengthScore(0);
        }
        else {
            var calculatedScore = args.get_strengthScore();
            //Changing the indicator text depending on the calculated score.
            args.set_indicatorText("Score: (" + calculatedScore + "/100)");
        }
    }
</script>
0
Doncho
Telerik team
answered on 09 Jul 2020, 03:56 PM

Hi Liu,

The score is calculated respecting the values set in the CalclulationWeightings property. By default the weightings are length=50%; numeric=15%; casing=15%; symbol=20%.

CalculationWeightings - List of 4 semicolon-separated numeric values used to determine the weighting of a strength characteristic. The total of the 4 values should be 100. The default they are defined as 50;15;15;20. This means that password length will determine the 50% of the strength calculation, Numeric criteria is 15% of strength calculation, casing criteria is 15% of calculation, and symbol criteria is 20% of the calculation. So the format is "A;B;C;D" where A = length weighting, B = numeric weighting, C = casing weighting, D = symbol weighting.

You can find more information in the About this demo section in our live demo - TextBox - Password Strength Checker. You can also play around changing the password strength settings to get a better feeling of the resulting strength in percent.

I hope that will prove helpful!

Kind regards,
Doncho
Progress Telerik

Progress is here for your business, like always. Read more about the measures we are taking to ensure business continuity and help fight the COVID-19 pandemic.
Our thoughts here at Progress are with those affected by the outbreak.
0
liu
Top achievements
Rank 1
Veteran
answered on 09 Jul 2020, 08:37 PM
thank you very much for answer
Tags
Input
Asked by
rootberg
Top achievements
Rank 2
Answers by
Vasil
Telerik team
Michael
Top achievements
Rank 1
liu
Top achievements
Rank 1
Veteran
Doncho
Telerik team
Share this question
or