"Forbid common passwords" - list source?

Hi,

As part of setting a password policy. There’s a checkbox for “Forbid common passwords”. I’m assuming it checks a password against a common password list.
Does anyone know where that list is drawn from?

Cheers

Alan

here a bit more background when the feature was implemented:

1 Like

I think there is a diference:

Unbenannt

I think there must be a list with “common passwords” (or hashes) direct in Nextcloud because there is no explanation for the first option.

1 Like

If there are local lists, they are in the repository:

1 Like

Can someone explain GitHub - nextcloud/password_policy: Let the admin define certain rules for passwords, e.g. a minimum length

E.g. I can not found 12345678 but wilco791-12345678

https://raw.githubusercontent.com/nextcloud/password_policy/master/lists/list-17.php
‘wilco791-12345678’ => true,

1 Like

awesome - thanks all for the help

Cheers

Alan