Hi.

I'm looking for an offline password strength checker. Similar to how this website works: http://www.passwordmeter.com

I've tried this on KeePassX but it wont allow me to paste long passwords in for some reason. [image attached]

Attached Thumbnails

 

In my humble, no password can be considered to be "strong." Let's face it: it's either going to be written-down on a piece of paper taped underneath the keyboard, or it's going to be added to the list of saved-passwords in a web browser ... from whence it can be filched.

In my humble, the only plausible way to enforce security is by the use of digital certificates that are individually issued ... disallowing the use of passwords.

Think about it: when you enter any office building, you must swipe your badge. No one's sitting there saying, "say the magic word."

What's wrong with writing down a password though? If it's at home then you can leave it next to the computer unless you're encrypting your hard drives and you think a burglar will do some hacking. If it's a work password then a slip of paper in your wallet or purse can be used until you remember it properly -- if somebody steals your wallet or purse then they're hardly likely to then run to your place of work and try to log into your PC.
Sure, certificates are nice but they end up being protected by passwords ultimately since anybody stealing your token can gain access -- in the same way car thieves often break in an steal car keys to make theft easier. certificates stored on hardware like smart cards can be a pain if you forget the also -- as a colleague of mine found out the other day.
There is no panacea just lots of ways to make things more difficult for anybody trying to gain unauthorised access.

As to the original question I am sure that at least one of the password check sites allows the downloading of the web page for offline use but I can't seem to find it now, sorry.

Something like this ?
https://www.grc.com/haystack.htm

Excellent. Not exactly what the OP asked for, but if you read through the info on the page, what's being said there seems to eliminate any need for an offline password strength checker.

You are correct. And no matter how secure/encrypted you make your password, someone can just beat it out of you (a la XKCD). That's why two-stage auth is far better, using something you know (a password, for example) and either something you have (keyfob, token, smartcard, etc.) or something you are (fingerprint, retinal scanner, voice recognition, etc.).

Actually, the building swipe reader is saying just that.

Anyone with a copy of the magnetic stripe on your card has the password.... Now CAC cards are not a swipe - but even they can be spoofed (I have captured the password during testing... so they aren't all that secure either).