The red/green markers have been implemented using CSS: In this example it should be clear to the user that the form can only be submitted once all three green ticks appear.In any case browsers such as Firefox and Opera will enforce the HTML5 validation rules and present messages as shown here: Presumably the browser messages will change according to the users language - something that would never be possible using only Java Script.The form below has three input fields: username, pwd1 and pwd2. If a false value is returned then the form submission is cancelled.This code will work for browsers as far back as Netscape 4 (circa 1997). If you're not sure how to place this on your page, you might need to read the preceding article on Form Validation, or view the HTML source of this page.If the purpose of registration is to confirm that the person exists, and that they have supplied a valid email address, then as part of the registration processe you a should either email them a random password or a confirmation token rather than letting them choose their own password and use it immediately.The code presented below would then be used for letting the user change their password.
While having a strong password is a good first step, it needs to be backed up by additional measures on the server that prevent brute-force attacks.They can be used not just in Java Script, but also PHP, Perl, Java and many other languages.Some text editors (not just vi) also allow them when searching for or replacing text. This is a new technique available in modern browsers and definitely the way of the future.One popular approach is to install Fail2Ban to monitor log files and lock out repeat offendors.Of course that only works if your login system reports failed login attempts to a system log file.