@erik-viklander these are directly from the password strength calculation library zxcvbn which NodeBB uses to enforce password strength. result.score # Integer from 0-4 (useful for implementing a strength bar) 0 # too guessable: risky password. (guesses < 10^3) 1 # very guessable: protection from throttled online attacks. (guesses < 10^6) 2 # somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8) 3 # safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10) 4 # very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)