Class: CommonPasswords
- Inherits: Object
- Defined in: lib/common_passwords.rb
Overview
CommonPasswords checks a given password against a list of the most commonly used passwords. The list comes from github.com/danielmiessler/SecLists/tree/master/Passwords, specifically the list of 10 million passwords, top 100k, filtered by length.
The list is stored in Redis at a key that is shared by all sites in a multisite config.
If the password file is changed, you need to add a migration that deletes the list from Redis so that it gets re-populated:
Discourse.redis.without_namespace.del CommonPasswords::LIST_KEY
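The following added example (not Discourse's own code) shows why the migration is needed: once the list is cached under the shared key, edits to the password file do not change which passwords are rejected until the key is deleted. `FakeRedis`, `SketchCommonPasswords`, the lazy-load-on-missing-key behaviour and the sample passwords are assumptions made for illustration; only the `LIST_KEY` value comes from this page.

```ruby
require "set"
require "tempfile"

# Hypothetical in-memory stand-in for the few Redis commands used below.
class FakeRedis
  def initialize; @sets = {}; end
  def exists?(key); @sets.key?(key); end
  def sadd(key, members); (@sets[key] ||= Set.new).merge(members); end
  def sismember(key, member); @sets.key?(key) && @sets[key].include?(member); end
  def del(key); @sets.delete(key); end
end

# Illustrative sketch only: loads the file into the store the first time the key is missing.
class SketchCommonPasswords
  LIST_KEY = "discourse-common-passwords" # key name as documented on this page

  def initialize(redis, password_file)
    @redis = redis
    @password_file = password_file
  end

  def common_password?(password)
    return false if password.nil? || password.strip.empty? # plain-Ruby stand-in for blank?
    load_list unless @redis.exists?(LIST_KEY)
    @redis.sismember(LIST_KEY, password)
  end

  private

  def load_list
    @redis.sadd(LIST_KEY, File.readlines(@password_file, chomp: true).reject(&:empty?))
  end
end

# Constructed scenario: the password file gains an entry after the list was cached.
def demo
  file = Tempfile.new("common-passwords")
  File.write(file.path, "password12\nqwertyuiop\n")          # constructed sample list
  redis = FakeRedis.new
  checker = SketchCommonPasswords.new(redis, file.path)
  results = { listed: checker.common_password?("password12") } # populates the cache
  File.write(file.path, "password12\nqwertyuiop\n1q2w3e4r5t\n") # file updated on disk
  results[:stale] = checker.common_password?("1q2w3e4r5t")     # cached list is still the old one
  redis.del(SketchCommonPasswords::LIST_KEY)                   # what the migration does
  results[:after_del] = checker.common_password?("1q2w3e4r5t") # list re-populated from the file
  results.merge(blank: checker.common_password?(""))
ensure
  file&.close!
end

p demo if __FILE__ == $PROGRAM_NAME
```

Because the key is shared by all sites in a multisite config, a single deletion refreshes the list for every site.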
Defined Under Namespace
Classes: RedisPasswordList
Constant Summary
- PASSWORD_FILE = File.join(Rails.root, "lib", "common_passwords", "10-char-common-passwords.txt")
- LIST_KEY = "discourse-common-passwords"
Class Method Summary
Class Method Details
.common_password?(password) ⇒ Boolean
    # File 'lib/common_passwords.rb', line 20
    def self.common_password?(password)
      return false if password.blank?
      password_list.include?(password)
    end