WebApp Sec mailing list archives
Password Blacklist
From: Reed Black <reed () unsafeword org>
Date: Tue, 14 Aug 2012 10:29:16 -0700
Can anyone recommend a good password dictionary, preferably one where the author speaks to the method of its construction? As part of our authentication system, I want to blacklist the most commonly used passwords. I searched for dictionaries for use with John the Ripper, hoping to use one of these. There is surprisingly little overlap in the top terms among these different dictionaries. This makes me unsure of their utility. This is for a web service with an international user base, if that makes a difference. This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Password Blacklist Reed Black (Aug 14)
- Re: Password Blacklist Andrew van der Stock (Aug 15)
- Re: Password Blacklist Per Thorsheim (Aug 15)
- Re: Password Blacklist Reed Black (Aug 15)
- RE: Password Blacklist Nigel Ball (Aug 15)
- Re: Password Blacklist Per Thorsheim (Aug 15)
- Re: Password Blacklist Snipe (Aug 16)
- Re: Password Blacklist Reed Black (Aug 15)
- Re: Password Blacklist Nick Galbreath (Aug 15)