I wrote a LogonShell that approaches the problem by keeping a hash of commonly used passwords in a static data structure. I wrote a program to get the hashcodes of a wordlist I found on the open internet claiming to be a list of commonly used passwords, then opened the file with my editor and put some
static int {} stuff around it. It was just a shell trick for the masses: any password short enough and reasonable enough for a human to remember does not represent to me a useable password, passwords are a pain.
I then do
if( map.find(password)){/** user is a twit, do not trust **/} Who wrote:
new password security requirements passed down to us. and please, please consider the storing of the
HASHES of the passwords, not the actual passwords themselves which can be tampered by routine curiosity seekers.
Kevin's Word List Page has a good collection of dictionaries with which you can begin your work.
Just google for commonly used passwords and be moderately concerned that the password lists you find may not be as cleanly implemented as the SCOWL list that kevin has up.