[keycloak-dev] Blacklist Password Policy
Bill Burke
bburke at redhat.com
Fri Jul 28 16:03:12 EDT 2017
Yah, that sounds cool.
On 7/28/17 11:48 AM, Thomas Darimont wrote:
> Hello,
>
> I build a configurable Password Policy that allows to match a given
> password against
> a blacklist with easy to guess passwords that should be not allowed as user
> passwords.
>
> The 'BlacklistPasswordPolicyProvider' can be configured via the admin UI
> with a ";" delimited list of easy to guess passwords.
>
> If the user / or admin want's to change the password it is checked against
> the blacklist.
> A password list can be found here:
> https://github.com/danielmiessler/SecLists/tree/master/Passwords
>
> A blacklist is of course not a perfect solution but could still be useful
> for some users.
>
> Password blacklist would be compiled to a trie at startup (and on changes
> of the blacklist)
> for efficient lookups.
>
> WDYT?
>
> Cheers,
> Thomas
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list