When a user signs up or changes their password, the new password is checked against the pwned-password DB and an error is thrown if the password is known to be compromised (when this feature is enabled).
When enabled, a truncated SHA hash of the password is stored, and a periodic check can be set up to e-mail a notification to the CMS admin about pwned passwords; CMS user management will highlight all accounts with a pwned password.
A URL to a simple service that checks against truncated SHA1 hashes using a Bloom filter
2 seems better because:
We can provide an endpoint for the open-source Skygear version to simplify deployment of the open-source versions
All Skygear.io clusters can use the same service, which makes updating the pwned DB easier
Although a web service has higher overhead for massive checking (such as when the periodic check is enabled), this can be solved by supporting batch checking on the API.
Since Skygear Next will support multi-tenant, option 1 ("File URL / Location of Bloomfiltered DB") is now as good as 2 (no more batch restart of Skygear instances when we update the pwned DB)
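As an added illustration of the check described above (example code, not Skygear's own implementation): a Bloom filter built over truncated SHA-1 hashes of a constructed breached-password list, the single check run at signup or password change, and the batch form a service endpoint would expose for the periodic job. The 10-character prefix length, the filter sizing (1000 items at a 1e-6 false-positive rate) and the sample passwords are assumptions.

```python
import hashlib
import math
from typing import Dict, Iterable, List

# Assumption: keep the first 10 hex characters (40 bits) of the SHA-1 digest.
PREFIX_HEX_LEN = 10


def truncated_sha1(password: str) -> str:
    """Hex SHA-1 of the password, truncated to PREFIX_HEX_LEN characters.
    This is what the app stores or sends; the raw password never leaves it."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()[:PREFIX_HEX_LEN]


class BloomFilter:
    """Minimal Bloom filter over strings: no false negatives, tunable false positives."""

    def __init__(self, expected_items: int, false_positive_rate: float) -> None:
        # Standard sizing: m bits and k hash functions for n items at rate p.
        self.m = max(8, math.ceil(-expected_items * math.log(false_positive_rate) / math.log(2) ** 2))
        self.k = max(1, round(self.m / expected_items * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, item: str) -> Iterable[int]:
        # Double hashing: two 64-bit values from one SHA-256 digest yield k positions.
        digest = hashlib.sha256(item.encode("utf-8")).digest()
        h1 = int.from_bytes(digest[:8], "big")
        h2 = int.from_bytes(digest[8:16], "big") | 1  # odd, so every step moves
        return ((h1 + i * h2) % self.m for i in range(self.k))

    def add(self, item: str) -> None:
        for pos in self._positions(item):
            self.bits[pos >> 3] |= 1 << (pos & 7)

    def might_contain(self, item: str) -> bool:
        return all(self.bits[pos >> 3] & (1 << (pos & 7)) for pos in self._positions(item))


# Constructed sample of breached passwords standing in for the pwned-password DB.
CONSTRUCTED_BREACHED_PASSWORDS: List[str] = [
    "password123", "qwerty", "letmein", "iloveyou", "123456", "welcome1",
]


def build_pwned_filter(breached_passwords: Iterable[str]) -> BloomFilter:
    """Build the filter the service (or a file-based deployment) would load.
    Only truncated hashes go in, so the filter never holds plaintext passwords."""
    bf = BloomFilter(expected_items=1000, false_positive_rate=1e-6)  # assumed sizing
    for pw in breached_passwords:
        bf.add(truncated_sha1(pw))
    return bf


def is_pwned(bf: BloomFilter, password: str) -> bool:
    """Single check at signup / password change: True means reject the password."""
    return bf.might_contain(truncated_sha1(password))


def batch_check(bf: BloomFilter, hash_prefixes: Iterable[str]) -> Dict[str, bool]:
    """Batch form for the periodic job: the caller sends the stored truncated
    hashes and gets one answer per hash, instead of one round trip per account."""
    return {prefix: bf.might_contain(prefix) for prefix in hash_prefixes}


if __name__ == "__main__":
    bf = build_pwned_filter(CONSTRUCTED_BREACHED_PASSWORDS)
    print("password123 pwned:", is_pwned(bf, "password123"))
    stored = [truncated_sha1(p) for p in ("qwerty", "Tq7#vLm2!pXw9zR")]
    for prefix, flagged in batch_check(bf, stored).items():
        print(prefix, "->", "pwned" if flagged else "ok")
```

A Bloom filter never reports a breached prefix as absent, so a pwned password is never let through; the price is that a small, tunable fraction of safe passwords is rejected as false positives, which is acceptable for a reject-at-signup check. Because the app hashes and truncates before calling the service, the same filter serves both deployment options above: shipped as a file, or loaded once behind the batch endpoint.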
Description
Related info:
Portal Design
CMS Design
API Design
Open Questions
Related Issues