This work is related to password-strength meters/checkers, which is that red and green bar informing you about the quality of your password when you are creating one on a registration webpage.
We analyzed meters on highly popular websites to reveal their inner working. Results show critical weaknesses that may defeat the purpose of these meters: encouraging users to willingly choose better passwords.
On this website, you will find our NDSS 2014 paper along with a slightly extended version that gives more details on analyzed meters; a multi-checker tool we built to gather all password checkers into one place; and the sources and resources involved in this project.
You can download the slides of our NDSS talk here.
Authors: Xavier de Carné de Carnavalet and Mohammad Mannan