Components

Password strength meter

Last updated: May 2018

We want to help users choose a strong password when creating their FanDuel account or changing their password.

Strength levels

The password strength meter has four levels from poor, through to excellent. The strength meter is placed in the helper text area within Text Fields

Rationale

We should guide users towards making a good password for their FanDuel account by explaining the strength of their password. To do this we use a password strength meter and the zxcvbn library:

zxcvbn is a password strength estimator inspired by password crackers. Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US census data, popular English words, common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.

zxcvbn is an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like “passwords must contain three of {lower, upper, numbers, symbols}”.