in reply to
Re^7: Password strength calculation
in thread Password strength calculation
I think you really nailed this one on the head, the "natural language" password idea (using a long phrase as your password) is a great, and solid, idea. I hadn't thought of the incremental delay after a password attempt, that's brilliant as well.
As for password encryption, I think I like bcrypt the best (checkout Crypt::Eksblowfish::Bcrypt).
Three thousand years of beautiful tradition, from Moses to Sandy Koufax, you're god damn right I'm living in the fucking past