Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
There is a list of the 100 most used password topologies in enterprises, based on a research project: https://blog.korelogic.com/blog/2014/04/04/pathwell_topologies
We should use this list to warn the user when he's about to enter a password that matches one of these patterns - like we warn users when they are not using each of the four classes (lowercase, uppercase, digit, special) or use less than 6 characters.
Read for more information: https://www.korelogic.com/Resources/Presentations/bsidesavl_pathwell_201...
Comments
Comment #1
gregglesI'm not sure I understand this issue. The module currently does these things while it rates the password strength in a progressive-disclosure manner.
Comment #2
greggles