Compromised and Easily Guessed Passwords

Body

Compromised Passwords

When public websites are compromised or other company data breaches occur, copies of user passwords may be posted publicly or traded online. Since passwords are often used on multiple accounts (though they shouldn't be), they become easy methods of compromising other accounts.

In addition, large password compromises often expose the fact that many users use the same easily-guessed passwords such as "Password" or "123456"

LETU systems will detect and prevent an attempt to change a password to an easily-guessed or publicly compromised password. Visit Have I Been Pwned to search for examples of passwords known to be widely compromised.

As an example, Password123 would not be allowed because it is a commonly used (and routinely compromised) password.

 

Easily Guessed Passwords

Even if not publicly compromised, LETU's system will also detect and prevent the use of certain phrases in passwords that may be so obvious they weaken the security of the passwords they are in. For security reasons the complete list is not disclosed but includes the following common keywords currently prohibited in LETU passwords (regardless of upper or lower case):

  • letu
  • letourneau
  • university
  • Commonly used previous or upcoming four-digit years such as 2022, 2023, 2024, etc.

Details

Details

Article ID: 119682
Created
Tue 11/3/20 5:13 PM
Modified
Wed 6/14/23 10:36 AM