diff --git a/htdocs/js/app.js b/htdocs/js/app.js
index 6156516..1c9f46b 100644
--- a/htdocs/js/app.js
+++ b/htdocs/js/app.js
@@ -719,17 +719,36 @@ app.extend({
 		//if (!window.zxcvbn) load_script('js/external/zxcvbn.js');
 	},
 	
-	update_password_strength: function($field, $cont) {
+	update_password_strength: function ($field, $cont) {
 		// update password strength indicator after keypress
+		let score = 0
+		let crack_time = 'instant'
+		let password = $field.val()
+
+
 		if (window.zxcvbn) {
-			var password = $field.val();
-			var result = zxcvbn( password );
+			var result = zxcvbn(password);
 			// Debug.trace("Password score: " + password + ": " + result.score);
 			var $bar = $cont.find('div.psi_bar');
 			$bar.removeClass('str0 str1 str2 str3 str4');
 			if (password.length) $bar.addClass('str' + result.score);
 			app.last_password_strength = result;
 		}
+		else { // basic strength checker
+			if (password.match(/[a-z]+/)) score += 0.5
+			if (password.match(/[A-Z]+/)) score += 0.5
+			if (password.match(/[0-9]+/)) score += 1
+			if (password.match(/[$@#&!]+/)) score += 1
+			if (password.length >= 8) {
+				score += 0.5
+				crack_time = 'few hours or days'
+			} else { score -= 0.5}
+
+			app.last_password_strength = {
+				score: score,
+				crack_time_display: crack_time
+			}
+		}
 	},
 	
 	get_password_warning: function() {