Detect weak passwords used with corporate account on untrusted domains

palantir / phishcatch

A browser extension and API server for detecting corporate password use on external websites

https://github.com/palantir/phishcatch/wiki

Apache License 2.0

91 stars 20 forks source link

Detect weak passwords used with corporate account on untrusted domains #37

Open carbureted opened 3 years ago

carbureted commented 3 years ago

Detect username/password pairs on generic login forms On submit, check for enterprise account (user@example.com) If enterprise account, check password complexity If password complexity is below configurable requirement, send an alert with domain/username