Add password rule for thy.com

[ymzEmre]

Overall Checklist

• [x] I agree to the project's Developer Certificate of Origin
• [x] The top-level JSON objects are sorted alphabetically
• [x] There are no open pull requests for the same update

for password-rules.json

• [ ] The given rule isn't particularly standard and obvious for password managers
• [x] Generated passwords have been tested from this rule using the Password Rules Validation Tool
• [ ] Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
• [x] The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

for change-password-URLs.json

• [x] There is no Well-Known URL for Changing Passwords (https://example.com/.well-known/change-password)
• [x] The URL either makes the experience better or no worse than being directed to just the domain in a non-logged-in state

for shared-credentials.json

• [x] There's evidence the domains are currently related (SSL certificates, DNS entries, valid links between sites, legal documents etc.)
• [ ] If using shared, the new group serves login pages on each of the included domains, and those login pages accept accounts from the others. (For example, we wouldn't use a shared association from google.co.il to google.com, because google.co.il redirects to accounts.google.com for sign in.)
• [ ] If using from and to, the new group, the from domain(s) redirect to the to domain to log in.

for shared-credentials-historical.json

• [ ] You believe that the domains were associated at some point in the past and can explain that relationship

[aabosh]

Thanks for the contribution! I noticed that thy.com redirects to turkishairlines.com. Can you swap the domain for the password rule? Or, alternatively, add a new entry in shared-credentials.json?

And just so it's in the thread, here is a screenshot of the site's password rules, which match what you wrote.

[ymzEmre]

Thanks for your information. Fixed the domain, added to the shared credentials, created a pull request again.