What is Passphrase Validations?
We will be using this new passphrase validation technique to validate the pass phrases (passwords) on Ready Recruit application. The passwords submitted during account registration, login, and password change will be checked against a set of breached passwords.
How to configure it?
This validation was configured already from the backend. Once the passphrase validation policy is turned on, the passwords submitted during account registration, login, and password change will be checked against a set of breached passwords such as the top 1,000 or 10,000 most common passwords which match the system’s password policy.
Validation message?
If the password is breached, the application will display the below message to the user to set a new non breached password.
This password has been previously exposed in “x“ known data breaches. Please choose a new one.
