CompromisedPasswordFiltering

From UMIACS
Jump to navigation Jump to search

UMIACS passwords, in accordance with best practices recommended by NIST, will not allow passwords to be used that have been included in a known data breach. UMIACS systems will check that a new password you wish to set is not among hundreds of millions of compromised passwords.

We use the Have I Been Pwned (HIBP) corpus of passwords as the data source of passwords that are checked against.