I’m working on user password security, and one of the important things for me is to force the user to re-enter a password when the password is found in a list of the most common passwords.
What would be the best way to do this?
It depends. You can create a text file with common passwords and check if the password a user entered is in this list.
One big drawback is that this file would be very large and it is nearly impossible to cover all common passwords this way.
So I would recommend writing a function which checks the user input for different forbidden phrases. For example, if you know the real names of the users, I would forbid using them as part of a password. In addition, you can force the user to enter a minimum number of characters as well as some special characters or numbers.
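
The checks described in this answer, combined into one function, as an added example that is not part of the original answer. The sample password list, the minimum length of 10, the three-character cutoff for name parts and all function names are assumptions.

```python
import string
import unicodedata

# Constructed sample; a real deployment loads a full list with load_common_passwords().
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "iloveyou"}
MIN_LENGTH = 10  # assumed policy value


def normalize(text):
    """Case-fold and strip accents so 'Émile' and 'emile' compare equal."""
    decomposed = unicodedata.normalize("NFKD", text)
    return "".join(c for c in decomposed if not unicodedata.combining(c)).casefold()


def load_common_passwords(path):
    """Read a one-password-per-line text file into a set for fast lookups."""
    with open(path, encoding="utf-8", errors="ignore") as fh:
        return {normalize(line.strip()) for line in fh if line.strip()}


def check_password(password, real_names, common=COMMON_PASSWORDS, min_length=MIN_LENGTH):
    """Return the list of reasons a password is rejected (empty list = accepted)."""
    problems = []
    folded = normalize(password)
    # 1. Exact match against the common-password list, ignoring case and accents.
    if folded in common:
        problems.append("common")
    # 2. Forbidden phrases: any part of the user's real name inside the password.
    #    Parts shorter than 3 characters (initials) are skipped to limit false rejects.
    parts = [p for n in real_names for p in normalize(n).split() if len(p) >= 3]
    if any(p in folded for p in parts):
        problems.append("contains_name")
    # 3. Minimum length.
    if len(password) < min_length:
        problems.append("too_short")
    # 4. At least one digit or special character.
    if not any(c.isdigit() or c in string.punctuation for c in password):
        problems.append("no_digit_or_special")
    return problems


if __name__ == "__main__":
    for candidate in ("Password", "lovelace-2024-river", "copper-Tram-81-violet"):
        print(candidate, check_password(candidate, ["Ada Lovelace"]))
```

A non-empty result is the signal to make the user enter a different password; the reason codes can be mapped to the messages shown on the form.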