Class: CommonPasswords

Inherits:
Object
Defined in:
lib/common_passwords.rb

Overview

CommonPasswords checks a given password against a list of the most commonly used passwords. The list comes from github.com/danielmiessler/SecLists/tree/master/Passwords, specifically the list of 10 million passwords, top 100k, filtered by length.

The list is stored in Redis at a key that is shared by all sites in a multisite config.

If the password file is changed, you need to add a migration that deletes the list from Redis so that it gets re-populated:

Discourse.redis.without_namespace.del CommonPasswords::LIST_KEY
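
The stale-list behaviour described above, as an added example that is not Discourse's own code: it assumes the list is loaded from the file only when the key is absent, which is why a changed file has no effect until the key is deleted. `FakeRedis`, `LazyPasswordList`, the key name and the sample passwords are constructed for illustration.

```ruby
require "set"
require "tempfile"

# In-memory stand-in for the Redis set commands used here (assumption: a real
# deployment would issue the same operations through a Redis client).
class FakeRedis
  def initialize; @sets = {}; end
  def exists?(key); @sets.key?(key); end
  def sadd(key, members); (@sets[key] ||= Set.new).merge(members); end
  def sismember(key, member); @sets.key?(key) && @sets[key].include?(member); end
  def del(key); @sets.delete(key); end
end

# Hypothetical lazily populated list: the file is read only when the key is
# missing, so an existing key keeps serving whatever was loaded first.
class LazyPasswordList
  def initialize(redis, key, path)
    @redis, @key, @path = redis, key, path
  end

  def include?(password)
    load! unless @redis.exists?(@key)
    @redis.sismember(@key, password)
  end

  private

  def load!
    @redis.sadd(@key, File.readlines(@path, chomp: true).reject(&:empty?))
  end
end

# Returns the lookup result before the file changes, after it changes, and
# after the key has been deleted.
def stale_until_deleted
  key = "example-common-passwords" # constructed key, not the project's
  redis = FakeRedis.new
  Tempfile.create("passwords") do |f|
    File.write(f.path, "password12\nqwertyuiop\n") # constructed sample list
    list = LazyPasswordList.new(redis, key, f.path)
    before = list.include?("1234567890")           # miss; populates the key
    File.write(f.path, "1234567890\n", mode: "a")  # the password file changes
    stale = list.include?("1234567890")            # key exists, old list served
    redis.del(key)                                  # the migration's job
    fresh = list.include?("1234567890")            # key absent, file re-read
    [before, stale, fresh]
  end
end
```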

Defined Under Namespace

Classes: RedisPasswordList

Constant Summary

PASSWORD_FILE = File.join(Rails.root, "lib", "common_passwords", "10-char-common-passwords.txt")
LIST_KEY = "discourse-common-passwords"

Class Method Summary

Class Method Details

.common_password?(password) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/common_passwords.rb', line 20

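def self.common_password?(password)
  # A nil or blank password is never reported as common.
  return false unless password.present?
  # Membership test against the shared password list.
  password_list.include?(password)
end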