Microsoft Research has developed a new tool designed to help prevent people creating weak passwords for themselves. Known as 'Telepathwords', the system takes each character that you type for your desired password and attempts to guess the next one, giving a tick for a character that couldn't be guessed, and a cross for those that could.
The tool detects vulnerabilities in passwords that would have previously been allowed under the standard "rules": passwords such as "P@$$w0rd1", for example, contain at least one uppercase letter, one lowercase letter, a digit, a symbol, and no English words - so are allowed under the rules - but can easily be guessed by hackers due to common patterns and character replacement.
Telepathwords will guess this password through Microsoft's specially-crafted prediction engine, which uses a database of commonly used passwords, phrases and behaviors to root out these bad passwords. As you type it, the tool tells you where you went wrong, such as informing you that character replacement doesn't make a password any more secure.
Stuart Schechter, one of the researchers who developed Telepathwords, admits that while the tool is helpful for rooting out bad passwords, some people will inevitably forget their passwords, and there are still some easy methods for stealing complex passwords. Schechter found back in 2008 that most secret question answers were remarkably easy to guess, which lead to some websites phasing them out in favor of email verification.
Just how easy to guess is your password? Head to Telepathwords and let us know how you fare in the comments below.