CompromisedPasswordFiltering: Difference between revisions

From UMIACS
Jump to navigation Jump to search
(Created page with "UMIACS passwords, in accordance with best practices recommended by NIST, will not allow passwords to be used that have been included in a known data breach. UMIACS systems wi...")
 
No edit summary
 
Line 1: Line 1:
UMIACS passwords, in accordance with best practices recommended by NIST, will not allow passwords to be used that have been included in a known data breach.  UMIACS systems will check that a new password you wish to see is not among hundreds of millions of compromised passwords.
UMIACS passwords, in accordance with best practices recommended by NIST, will not allow passwords to be used that have been included in a known data breach.  UMIACS systems will check that a new password you wish to set is not among hundreds of millions of compromised passwords.


We use the [https://haveibeenpwned.com/Passwords Have I Been Pwned (HIBP)] corpus of passwords as the data source of passwords that are checked against.
We use the [https://haveibeenpwned.com/Passwords Have I Been Pwned (HIBP)] corpus of passwords as the data source of passwords that are checked against.

Latest revision as of 00:25, 9 March 2019

UMIACS passwords, in accordance with best practices recommended by NIST, will not allow passwords to be used that have been included in a known data breach. UMIACS systems will check that a new password you wish to set is not among hundreds of millions of compromised passwords.

We use the Have I Been Pwned (HIBP) corpus of passwords as the data source of passwords that are checked against.