Definition

password blacklist

Part of the Authentication glossary:

A password blacklist is a list of words disallowed as user passwords due to their commonplace use.

Blacklists may also incorporate rules to prevent the use of common passwords with frequently-used modifications such as capital letters, standard substitutions or numbers following the words. These rules can help protect against password cracking software that works with dictionaries of commonly-used passwords – which also often include the ability to apply frequently-used modifications.

Such blacklists can prevent the use of a string of characters that might pass password entropy checks. For example, PassW0rd1 is rated as an acceptably strong password in many password strength meters because it employs several password hardening measures, but in fact, it’s quite weak: It’s just the word password (the weakest and most common password of all) with common modifications.  

This was last updated in January 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • TAN (transaction authentication number)

    - A transaction authentication number (TAN) is a type of single-use password used for an online banking transaction in conjunction with a standard ID and password. TANs are often in a list made by a... (WhatIs.com)

  • social login

    - Social login is a single sign-on (SSO) that allows users to authenticate themselves on various applications and sites by connecting through a social networking site rather than typing a separate ID... (WhatIs.com)

  • out-of-band authentication

    - Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password. Out... (WhatIs.com)

Glossaries

  • Authentication

    - Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.