[opendais]

I'm not from the UK and I never believe anything a company puts on its about us page. ;)

If they are doing statistical analysis on password, they'd have to send that information somewhere so I'm not surprised that they are.

Anyone who is concerned about security shouldn't be giving their password to a 3rd party to verify [even via a javascript webpage] for any reason.

Also: "(Never enter your real password into a password checker, as unlike this one, some may be fake)" From the page.

[daveslash]

I give this site to people so they can check the strength of their twitter password. I think it get's the point across. http://www.ismytwitterpasswordsecure.com

[Tyrannosaurs]

> Also: "(Never enter your real password into a password checker, as unlike this one, some may be fake)" From the page.

That's genius because scammers would never say something like that because that would be lying and people don't lie because it's naughty.

[opendais]

I read that and concluded they meant "Do not use a real password on this site"

[crashandburn4]

> Anyone who is concerned about security shouldn't be giving their password to a 3rd party to verify [even via a javascript webpage] for any reason.

I'd agree but I don't think anyone who reads hacker news is likely to use a password checker anyway. We all, however, know less technical people who could and would get compromised by something like this and to have it endorsed by the government sends the message that it is safe. That's the problem as far as I'm concerned.