github.com/nextcloud/password_policy.git - Unnamed repository; edit this file 'description' to name the repository.
authorLukas Reschke <lukas@owncloud.com>2016-06-27 18:00:10 +0300
committerLukas Reschke <lukas@owncloud.com>2016-06-27 18:30:18 +0300
commita854923dd4c2bb42600c51d8df6f8062b1f7634a (patch)
treeb4bb282ff1e167fadb99a89d4da60d6c891063fd /lib
parentab081104028ee8f2f1060406425a181b9b0b741f (diff)
Use more data for the passwords list
Instead of having one big PHP file, this splits the list into several files divided by number of characters, making lookups quicker and allowing us to check the top 1,000,000 passwords instead of only the top 100,000.
Diffstat (limited to 'lib')
-rw-r--r--lib/PasswordValidator.php17
1 files changed, 10 insertions, 7 deletions
diff --git a/lib/PasswordValidator.php b/lib/PasswordValidator.php
index b6e0fae..a6eb272 100644
--- a/lib/PasswordValidator.php
+++ b/lib/PasswordValidator.php
@@ -141,13 +141,16 @@ class PasswordValidator {
protected function checkCommonPasswords($password) {
$enforceNonCommonPassword = $this->config->getEnforceNonCommonPassword();
if($enforceNonCommonPassword) {
- $commonPasswords = require_once __DIR__ . '/../lists/10_million_password_list_top_100000.php';
- if (isset($commonPasswords[strtolower($password)])) {
- $message = 'Password is within the 100,000 most common passwords. Please choose another one.';
- $message_t = $this->l->t(
- 'Password is within the 100,000 most common passwords. Please choose another one.'
- );
- throw new HintException($message, $message_t);
+ $passwordFile = __DIR__ . '/../lists/list-'.strlen($password).'.php';
+ if(file_exists($passwordFile)) {
+ $commonPasswords = require_once $passwordFile;
+ if (isset($commonPasswords[strtolower($password)])) {
+ $message = 'Password is within the 1,000,000 most common passwords. Please choose another one.';
+ $message_t = $this->l->t(
+ 'Password is within the 1,000,000 most common passwords. Please choose another one.'
+ );
+ throw new HintException($message, $message_t);
+ }
}
}
}
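Review bot: `require_once` on the new `$commonPasswords = require_once $passwordFile;` line returns `true` instead of the array once that list file has already been loaded in the current request. A second call to checkCommonPasswords() with a password of the same length then finds nothing in `isset(...)`, and the common-password check passes silently. Plain `require` returns the file's array on every call: `$commonPasswords = require $passwordFile;`. Separately, `strlen()` counts bytes while the lookup key is `strtolower($password)`; if the list files were generated by byte length, a short comment saying so above the `$passwordFile` line would keep the file name and the key in step.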