Commonly used password topologies
Some patterns of passwords are extremely common. For example, Denver14 follows the pattern Ullllldd, where U=uppercase, l=lowercase, d=digit and s=special (other character).
- Password crackers can search the most common patterns systematically (and do already).
- Users who use these common patterns are thus at risk.
Therefore, to increase the security of your system, you should not allow users to choose passwords following these patterns!
This project identifies the most common password topologies.
See the Report
- In addition to the other OWASP recommendations (see below).
- When users set their passwords, check if that password is in a common topology.
- Encourage users to set pass-phrases, not passwords, and allow long passwords.
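One way to implement the check described above when a user sets a password. This is an added example, not code from the project: the function names and the deny-list are assumptions, and only the `Ullllldd` entry comes from this page, so the list must be replaced with the ranked topologies from the report.

```python
from typing import NamedTuple

# Constructed sample deny-list. Only "Ullllldd" is taken from the page; the
# other entries are placeholders. Load the real ranked list from the report.
SAMPLE_DENIED_TOPOLOGIES = frozenset({"Ullllldd", "llllllll", "dddddddd"})


class Verdict(NamedTuple):
    accepted: bool
    message: str


def topology(password: str) -> str:
    """Map each character to U (upper), l (lower), d (digit) or s (other)."""
    classes = []
    for ch in password:
        if ch.isdigit():
            classes.append("d")
        elif ch.isupper():
            classes.append("U")
        elif ch.islower():
            classes.append("l")
        else:
            # Spaces, punctuation and uncased letters all count as "special".
            classes.append("s")
    return "".join(classes)


def check_new_password(password: str, denied=SAMPLE_DENIED_TOPOLOGIES) -> Verdict:
    """Reject a candidate whose topology is on the deny-list."""
    # Compute the topology in memory only. Logging or storing it next to the
    # password hash would tell a cracker which pattern to search.
    if topology(password) in denied:
        return Verdict(False, "This password follows a very common pattern. "
                              "Try a longer pass-phrase instead.")
    return Verdict(True, "ok")


if __name__ == "__main__":
    for candidate in ("Denver14", "correct horse battery staple"):  # constructed
        print(repr(candidate), check_new_password(candidate))
```

The check imposes no maximum length, so long pass-phrases pass through untouched; it complements the other password checks rather than replacing them.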