Bad passwords and the NIST guidelines
Check what passwords fail to conform to the National Institute of Standards and Technology password guidelines.
- 9 tasks
- 694 participants
- 1,500 XP
Project Description
Almost every web service you join will require you to come up with a password. But what makes a good password? In June 2017 the National Institute of Standards and Technology (NIST) published publication 800-63B titled Digital Identity Guidelines: Authentication and Lifecycle Management. This publication doesn't tell you what is a good password, but it does have specific rules for what is a bad password.
In this project, you will take a list of user passwords and, using publication 800-63B, you will write code that automatically detects and flags the bad passwords.
To complete this project, you need to know how to manipulate strings in pandas DataFrames and be familiar with regular expressions. Before starting this project we recommend that you have completed the following courses:
Project Tasks
- 1 The NIST Special Publication 800-63B
- 2 Passwords should not be too short
- 3 Common passwords people use
- 4 Passwords should not be common passwords
- 5 Passwords should not be common words
- 6 Passwords should not be your name
- 7 Passwords should not be repetitive
- 8 All together now!
- 9 Otherwise, the password should be up to the user
Rasmus Bååth
Senior Data Scientist at King (Activision Blizzard)
I'm a Data Scientist at King (Activision/Blizzard) and previously I've been an instructor at DataCamp. I once did a PhD in Cognitive Science at Lund University. I'm passionate about Bayesian statics, good graphs and free coffee. Follow me @rabaath on Twitter or check out my blog, Publishable Stuff.
See More