Password Checker

This Perl script was originally written under Perl 5.8.4. It should require no modules other than those which are normally included with a default Perl distribution.

Essentially it checks an input password string to see whether it matches certain predefined formats. Such formats are limited to a minimum and maximum length , real dictionary words (based on the spell-check dictionary) and some common UK "string formats" which people may use as passwords (the registration number of their car, their home post code etc) all of which may be regarded as insecure, perhaps being crackable by brute force or guesswork.

#!/opt/perl/bin/perl -w
# Password checker
#
$min_length = 8;
$max_length = 12;
printf "enter a password: ";
while ($password = <>)
{
# Get rid of trailing blanks or carriage-returns
   chomp($password);
# Check for min_length
   printf "$password too short\n" if ( length($password) < $min_length);
# Check for max_length
   printf "$password too long\n" if ( length($password) > $max_length);
# Check for UK postcodes of the format AANNNAA
   if ($password =~ m/^([a-z]{2})([0-9]{1,3})([a-z]{2})$/i)
   {
      printf "dollar1 %s dollar2 %s dollar3 %s \n" , $1 , $2 , $3;
      printf "$password looks like a UK postcode \n";
   } 
# Check for UK vehicle reg number format AAANNNA
   if ($password =~ m/^([a-z]{3})([0-9]{1,3})([a-z]?)$/i)
   {
      printf "dollar1 %s dollar2 %s dollar3 %s \n" , $1 , $2 , $3;
      printf "$password looks like a very old-style UK registration number \n";
   }
# Check for UK vehicle reg number format ANNNAAA
   if ($password =~ m/^([a-z]?)([0-9]{1,3})([a-z]{3})$/i)
   {
      printf "dollar1 %s dollar2 %s dollar3 %s \n" , $1 , $2 , $3;
      printf "$password looks like an old-style UK registration number \n";
   }
# Check for UK vehicle reg number format AANNNAAA
   if ($password =~ m/^([a-z]{2})([0-9]{2})([a-z]{3})$/i)
   {
      printf "dollar1 %s dollar2 %s dollar3 %s \n" , $1 , $2 , $3;
      printf "$password looks like a new-style UK registration number \n";
   }
# Check for real words in the spellcheck dictionary
   open WORDS, "/usr/dict/words";
   while ()
   {
      if ( /^($password)$/i)
      {
         printf "dollar 1 %s \n", $1;
         printf "that's in the spellcheck dictionary \n";
      }
   }
   close WORDS;
printf "enter a password: ";
}