Use 10k most common passwords instead of 5k

This commit is contained in:
Neil Lalonde 2014-05-02 12:01:21 -04:00
parent ce381860dc
commit 014bfc0512
3 changed files with 4 additions and 4 deletions

View file

@ -208,7 +208,7 @@ en:
user:
attributes:
password:
common: "is one of the 5000 most common passwords. Please use a more secure password."
common: "is one of the 10000 most common passwords. Please use a more secure password."
ip_address:
signup_not_allowed: "Signup is not allowed from this account."
@ -703,7 +703,7 @@ en:
min_username_length: "Minimum username length. (Does not apply if global nickname uniqueness is forced)"
min_password_length: "Minimum password length."
block_common_passwords: "Don't allow passwords that are in the 5000 most common passwords."
block_common_passwords: "Don't allow passwords that are in the 10000 most common passwords."
enable_sso: "Enable single sign on via an external site"
sso_url: "URL of single sign on endpoint"

View file

@ -41,7 +41,7 @@ class CommonPasswords
def self.load_passwords
passwords = File.readlines(PASSWORD_FILE)
passwords[0,5000].map!(&:chomp).each do |pwd|
passwords.map!(&:chomp).each do |pwd|
# slower, but a tad more compatible
redis.sadd LIST_KEY, pwd
end

View file

@ -51,7 +51,7 @@ describe CommonPasswords do
it "doesn't load the passwords file if redis has it" do
mock_redis = mock("redis")
mock_redis.stubs(:exists).returns(true)
mock_redis.stubs(:scard).returns(5000)
mock_redis.stubs(:scard).returns(10000)
described_class.stubs(:redis).returns(mock_redis)
described_class.expects(:load_passwords).never
list = described_class.password_list