Password strength indicator to consider stronger passwords
In the client area (and any other places people can set a password through WHMCS), there's a fairly basic password strength meter implemented (getPasswordStrength() in PasswordStrength.js). This function thinks that for example this password is great (almost full green bar and a green tick):
While this password:
this is a muCh better password than the one above!
gives an orange bar, and a warning sign.
I think it's time to retire the current mechanism for determining a good password, and come up with something better. There are several out there, but I'd like to point out the one Dropbox has created: https://github.com/dropbox/zxcvbn
It's under an MIT license, so fine to include into commercial products as well.