disallow_common_passwords.rdoc

doc/disallow_common_passwords.rdoc
Last Update: 2018-03-08 09:49:36 -0800

Documentation for Disallow Common Passwords Feature

The disallow common passwords feature disallows setting of a password that matches one of the most common passwords. By default, a list of 10,000 of the most common passwords is used, but you can supply your own file. Using a larger list is recommended, but Rodauth doesn't ship with a larger list to avoid bloating the size of the gem.

Auth Value Methods

most_common_passwords

An object that responds to include? which will return true if the password given is one of the most common passwords. Useful for custom password sets where they are not stored in files and kept in memory.

most_common_passwords_file

The path to the file containing the most common passwords, which are not allowed to be used for new passwords. Defaults to a list of 10,000 most common passwords that ships with Rodauth. Can be set to nil/false if you do not want to to load common passwords from a file.

password_is_one_of_the_most_common_message

The error message fragment to display if the given password matches one of the most common passwords.

Auth Methods

password_one_of_most_common?(password)

This can be used to override the default check for whether the given password is contained in the most_common_passwords_file. This method may be useful when using very large password databases where you don't want to keep the list of most common passwords in memory.