Opened 6 years ago
Closed 6 years ago
#29274 closed Cleanup/optimization (fixed)
Update the password list used by CommonPasswordValidator to a more recent list
| Reported by: | Brenton Cleeland | Owned by: | Jessica |
|---|---|---|---|
| Component: | contrib.auth | Version: | 2.0 |
| Severity: | Normal | Keywords: | CommonPasswordValidator |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
There is a recently released list of common passwords from Troy Hunt / Have I Been Pwned that could be used as a basis for the CommonPasswordValidator.
Most of the top 20k have been unhashed and made available here by Royce Williams:
https://gist.github.com/roycewilliams/281ce539915a947a23db17137d91aeb7
My suggestion would be to use this complete list, but I'd be open to using a smaller subset if the community would prefer.
Change History (4)
comment:1 by , 6 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|---|
| Type: | New feature → Cleanup/optimization |
comment:2 by , 6 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
django-developers discussion