There is a list of the 100 most used password topologies in enterprises, based on a research project: https://blog.korelogic.com/blog/2014/04/04/pathwell_topologies

We should use this list to warn the user when he's about to enter a password that matches one of these patterns - like we warn users when they are not using each of the four classes (lowercase, uppercase, digit, special) or use less than 6 characters.

Read for more information: https://www.korelogic.com/Resources/Presentations/bsidesavl_pathwell_201...

Comments

greggles’s picture

Status: Active » Postponed (maintainer needs more info)

I'm not sure I understand this issue. The module currently does these things while it rates the password strength in a progressive-disclosure manner.

greggles’s picture

Category: Feature request » Support request
Status: Postponed (maintainer needs more info) » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.