summaryrefslogtreecommitdiff
path: root/lib/PWLookup.pm
AgeCommit message (Collapse)AuthorFilesLines
2019-05-17Fix PWLookup.pm to reject null-bytes in the dictionaryYorhel1-1/+1
Since the database format can't handle it.
2019-05-16Add password dictionary checkYorhel1-0/+155
This affects the following: - API login with a weak password is disallowed, affected users will have to change their password through the website to continue using the API. - Registration, password reset or password change forms require the new password to not be in the dictionary. - Attempting to log in to the website with a weak password will force-redirect to a password change form, allowing a new password to be set (using the weak-but-still-valid password as check).