Hackers can build a personalized dictionary based on your social profile to crack your passwords faster and more effectively.

Product description: SocialPass evaluates strength of your passwords based on your social profile, that is highlighting all overlaps between your passwords and what you posted online. You can type any possible passwords and it will evaluate strength of your. In addition, it alerts you if you account has been exposed during recent breaches (such as Adobe, Target, and so on). Finally, several statistics such as cracktime, entropy, and overall password strength is shown in real-time and in an intuitive manner.

Business application: SocialPass aims to raise security awareness of users and simplify periodically password rotation. In the future SocialPass can be used to suggest personalized, yet memorable passwords to you based on your private dictionary and your goals. For example, SocialPass can suggest your password as "p1v0tmystartUP!", so everytime you type this password, you will be motivated to finish your business goal. There will be no more scratching your head coming up with new passwords every month at work.

Technical description: SocialPass uses its fuzzy matching algorithm and real-time indexing to quickly provide feedbacks of how strong are your passwords in real-time.

Acknowledgements: SocialPass uses following publically available libraries and templates: django-herokuapp, zxcvbn, python-facebook-sdk, python-nltk, PwnedCheck, angularjs, django.

Note: Google Chrome might show a false security warning, you can just select Details, then scroll down to the bottom right, and select continue to visit this site.

Disclaimer: My idea existed earlier this year (2014) before the hackathon. I demonstrated this idea using Twitter at Salesforce hackathon earlier this month. In this Product Hunt hackathon, I built my app for Facebook instead of Twitter. I rewrote both the backend and frontend code to support real-time analytics. The current SocialPass app on Heroku is demoed using my Facebook profile and may experience token expiration. In the future, my app will support OAuth2 so anyone can login and check their passwords.