Automatic updates of common passwords (!1275) · Merge requests · Turris / Turris OS / Turris OS packages

Lukas Jelinek requested to merge feature/common-passwords into master Apr 02, 2025

This MR contains two parts (separate commits):

It updates the built-in password lists (from Sentinel and HaaS) - the original ones are very old.
It introduces a new feature, that will update these lists automatically. The necessary server part has been already implemented.

The goal is to provide recent passwords (to reflect varying character of password attacks) and thus to improve password security.

What can be discussed:

The designed implementation updates the lists every day (with a 6h spread). It is possibly too often and may be changed to some longer period (e.g. once a week).
The lists contain password that occurred at least 100 times. It leads to long lists (especially the Sentinel one). So the threshold may be raised to higher values, like 300 or even 1000.

Admin message