In xlblackCreate Test

[BronkHonkyTonk]

Overall Checklist

• [x] I agree to the project's Developer Certificate of Origin
• [x] The top-level JSON objects are sorted alphabetically
• [x] There are no open pull requests for the same update

for password-rules.json

• [x] The given rule isn't particularly standard and obvious for password managers
• [x] Generated passwords have been tested from this rule using the Password Rules Validation Tool
• [x] Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
• [x] The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

for change-password-URLs.json

• [x] There is no Well-Known URL for Changing Passwords (https://example.com/.well-known/change-password)
• [ ] The URL either makes the experience better or no worse than being directed to just the domain in a non-logged-in state

for shared-credentials.json

• [x] There's evidence the domains are currently related (SSL certificates, DNS entries, valid links between sites, legal documents etc.)
• [ ] If using shared, the new group serves login pages on each of the included domains, and those login pages accept accounts from the others. (For example, we wouldn't use a shared association from google.co.il to google.com, because google.co.il redirects to accounts.google.com for sign in.)
• [ ] If using from and to, the new group, the from domain(s) redirect to the to domain to log in.

for shared-credentials-historical.json

• [x] You believe that the domains were associated at some point in the past and can explain that relationship

[BronkHonkyTonk]

Overall Checklist

• [x] I agree to the project's Developer Certificate of Origin
• [x] The top-level JSON objects are sorted alphabetically
• [x] There are no open pull requests for the same update

for password-rules.json

• [x] The given rule isn't particularly standard and obvious for password managers
• [ ] Generated passwords have been tested from this rule using the Password Rules Validation Tool
• [x] Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
• [x] The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

for change-password-URLs.json

• [x] There is no Well-Known URL for Changing Passwords (https://example.com/.well-known/change-password)
• [ ] The URL either makes the experience better or no worse than being directed to just the domain in a non-logged-in state

for shared-credentials.json

• [x] There's evidence the domains are currently related (SSL certificates, DNS entries, valid links between sites, legal documents etc.)
• [x] If using shared, the new group serves login pages on each of the included domains, and those login pages accept accounts from the others. (For example, we wouldn't use a shared association from google.co.il to google.com, because google.co.il redirects to accounts.google.com for sign in.)
• [ ] If using from and to, the new group, the from domain(s) redirect to the to domain to log in.

for shared-credentials-historical.json

• [x] You believe that the domains were associated at some point in the past and can explain that relationship