Bad Passwords and the NIST Guidelines
Check what passwords fail to conform to the National Institute of Standards and Technology password guidelines.Start Project
9 Tasks1,500 XP
Loved by learners at thousands of companies
Almost every web service you join will require you to come up with a password. But what makes a good password? In June 2017 the National Institute of Standards and Technology (NIST) published publication 800-63B titled Digital Identity Guidelines: Authentication and Lifecycle Management. This publication doesn't tell you what is a good password, but it does have specific rules for what is a bad password.
In this project, you will take a list of user passwords and, using publication 800-63B, you will write code that automatically detects and flags the bad passwords.
- 1The NIST Special Publication 800-63B
- 2Passwords should not be too short
- 3Common passwords people use
- 4Passwords should not be common passwords
- 5Passwords should not be common words
- 6Passwords should not be your name
- 7Passwords should not be repetitive
- 8All together now!
- 9Otherwise, the password should be up to the user
Data Science Lead at castle.io
Rasmus Bååth is a Data Science Lead at castle.io. Previously, he was an instructor and Curriculum Lead for Projects at DataCamp. He has a PhD in Cognitive Science from Lund University in Sweden. Follow him at @rabaath on Twitter or on his blog, Publishable Stuff.