The tests are: 1: Length >= 6 characters 2a: Contains number(s) (0-9) 2b: Contains lowercase letter(s) (a-z) 2c: Contains uppercase letter(s) (A-Z) 2d: Contains symbol character(s) (!@#$%^&*()-=_+`~\|":;<>,.?/ ... etc) A password is good if it meets rule #1 and three of the four in #2.
P.S. That's the MS Active Directory test set isn't it? I think that this thread has a cleaner set than what I wrote months ago -- I'll have to look at updating whatever it was I wrote way back when... -grin-
j