P.S. except it even does! Still, the webform canot cope with REAL passwords...
Sorry for keeping going on but the webform finds this password: zZ?S*C>O?7dgY7 "Weak".
It also finds this one 8B2AI6 "Fair".
What have those webdevs smoked? #passwordpolicy
@spaetz my favorite password snafu was when my bank changed their online interface and system, for online banking and in the process reduced the number of chars in a password that they supported to 20.
My password was over 50 chars. So I was locked out because the new system did not supported that.
@joao I would claim that any system that limits the password length to a specific maxiumum size is broken. They should be hashed and crunched client-side anyway and never reach the main databases in clear anyway.