
Replace PasswordCannotBePopular with PasswordNotInLargeBlacklist on Wikimedia wikis
Closed, Duplicate (Public)

Description

Wikimedia wikis use PasswordCannotBePopular => 100 for normal users (for privileged users the more powerful PasswordNotInLargeBlacklist is used instead). PasswordCannotBePopular has been deprecated in core and should be replaced (it's spamming the log with deprecation warnings).

PasswordCannotBePopular checks the password against the top X entries of a common passwords list, ranked by popularity. PasswordNotInLargeBlacklist checks against a list of 100,000 common passwords; it uses a Bloom filter, so it's not possible to only check against a subset of the list. So the replacement will make the password requirements significantly stronger.

So we should either

  • notify users about the upcoming change, wait some time and replace the check
  • do the same, but flag the check so that it will not be applied on login (in a sense this will weaken the existing policy, although only for users who have been getting warnings until now, so the effect should be minimal)
  • undo the deprecation
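An added model of the two checks and of the "don't apply on login" flag discussed above; this is illustrative code, not MediaWiki's implementation. The ranked list is a constructed ten-entry stand-in for the real 100,000-entry list, and the `applyOnLogin` flag name is hypothetical.

```python
import hashlib

# Constructed stand-in for a popularity-ranked common-password list (most popular first).
# The real list has 100,000 entries; only a handful are modelled here.
RANKED = ["123456", "password", "qwerty", "abc123", "letmein",
          "dragon", "monkey", "football", "iloveyou", "sunshine"]


class BloomFilter:
    """Minimal Bloom filter: answers 'possibly in set' / 'definitely not in set'.
    It stores no ranks and cannot be enumerated, so a top-N subset check is impossible."""

    def __init__(self, size_bits=2048, num_hashes=4):
        self.size, self.k = size_bits, num_hashes
        self.bits = bytearray(size_bits // 8)

    def _positions(self, item):
        # k independent bit positions derived from salted SHA-256 digests
        for i in range(self.k):
            digest = hashlib.sha256(f"{i}:{item}".encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.size

    def add(self, item):
        for p in self._positions(item):
            self.bits[p // 8] |= 1 << (p % 8)

    def __contains__(self, item):
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self._positions(item))


BLACKLIST = BloomFilter()
for pw in RANKED:
    BLACKLIST.add(pw)


def password_cannot_be_popular(password, top_n):
    """Model of PasswordCannotBePopular => top_n: only the top_n ranked entries are rejected."""
    return password not in RANKED[:top_n]


def password_not_in_large_blacklist(password):
    """Model of PasswordNotInLargeBlacklist: every listed password is rejected, no subset."""
    return password not in BLACKLIST


def check_on_login(password, policy):
    """Model of a policy entry carrying a hypothetical 'applyOnLogin' flag.
    Returns 'ok', 'warn' (login proceeds, change suggested) or 'block'."""
    if policy["check"](password):
        return "ok"
    return "block" if policy.get("applyOnLogin", True) else "warn"
```

A password ranked just below the top-N cutoff passes the old check but fails the Bloom-filter check, which is the strengthening the description refers to.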