What is the best way to check the strength of a password?

Question

What is the best way of ensuring that a user supplied password is a strong password in a registration or change password form?

One idea I had (in python)

<         


        

Answer 1

What is the best way of ensuring that a user supplied password is a strong password in a registration or change password form?

Don't evaluate complexity and or strength, users will find a way to fool your system or get so frustrated that they will leave. That will only get you situations like this. Just require certain length and that leaked passwords aren't used. Bonus points: make sure whatever you implement allows the use of password managers and/or 2FA.