update common password checker for 10 char+

2024-11-22 08:57:10 -06:00 · 2016-03-03 04:06:50 -08:00 · 2016-03-03 04:06:50 -08:00 · 57c518eee1
commit 57c518eee1
parent f3c868e7bb
4 changed files with 2348 additions and 10002 deletions
--- a/lib/common_passwords/10-char-common-passwords.txt
+++ b/lib/common_passwords/10-char-common-passwords.txt
--- a/lib/common_passwords/common_passwords.rb
+++ b/lib/common_passwords/common_passwords.rb
@ -1,5 +1,7 @@
 # CommonPasswords will check a given password against a list of the most commonly used passwords.
-# The list comes from https://xato.net/passwords/more-top-worst-passwords/#.UrR1AHmpxs4
+# The list comes from https://github.com/danielmiessler/SecLists/tree/master/Passwords
+# specifically the list of 10 million passwords, top 100k, filtered by length
+#
 # The list is stored in Redis at a key that is shared by all sites in a multisite config.
 #
 # If the password file is changed, you need to add a migration that deletes the list from redis
@ -9,7 +11,7 @@

 class CommonPasswords

-  PASSWORD_FILE = File.join(Rails.root, 'lib', 'common_passwords', 'long-common-passwords.txt')
+  PASSWORD_FILE = File.join(Rails.root, 'lib', 'common_passwords', '10-char-common-passwords.txt')
  LIST_KEY = 'discourse-common-passwords'

  @mutex = Mutex.new
--- a/lib/common_passwords/long-common-passwords.txt
+++ b/lib/common_passwords/long-common-passwords.txt
--- a/lib/common_passwords/short-common-passwords.txt
+++ b/lib/common_passwords/short-common-passwords.txt