The common-password dictionary consists of a set of terms that are likely to be used as passwords (for example, password, Qwerty, or 12345678). While the option to block common passwords is enabled, the S Series Node rejects new passwords that match any of the terms in the dictionary.
Dictionary terms
A dictionary term is a text string consisting of at most 64 UTF-8 characters. This value does not include the delimiter at the end of the term.
The comparison between a new password for a user account and the terms in the common-password dictionary is case insensitive. For example, the passwords HitachiVantara123!, Hitachivantara123!, hitachivantara123!, and hitaCHIvanTARA123! all match the term HitachiVantara123!.
To be the same, the specified password and the dictionary term must contain exactly the same sequence of case-insensitive letters, numbers, special characters, and white space. For example, the password HitachiVantara123! does not match the terms HitachiVantara, Hitachi Vantara123!, 123hitachivantara!, or HitachiVantaraLLC123!.
Dictionary management
Initially, the common-password dictionary is empty. To populate the dictionary, you upload a .txt file containing the terms you want to block from being used as passwords. If the dictionary is not empty when you upload the file, the terms in that file replace the current contents of the dictionary.
The S Series Node treats new-line characters in the uploaded file as term delimiters. Special characters, including commas, spaces, and other white-space characters are treated as part of the delimited terms.
Uploading a file in which any terms contain non-UTF-8 characters can have an unpredictable effect on the dictionary.
The S Series Node stores the name of the most recently uploaded file used to populate the common-password dictionary, the date and time the file upload finished, and the file size. The maximum size for a file containing dictionary terms is 104,857,600 bytes. This size includes the new-line delimiter characters.
You cannot modify the contents of the common-password dictionary directly on the S Series Node. Instead, to add or remove terms from the dictionary, download the dictionary contents to a file, modify the file, and then upload the modified file. Downloading the dictionary contents does not remove the contents from the S Series Node.
Using the HCP S Series management API, you can delete the contents of the common password dictionary. Deleting the dictionary contents leaves the dictionary completely empty. Deleting the contents also removes the record of the most recently uploaded file used to populate the dictionary.
If you have the security role, you can use the HCP S Series Management Console or management API to work with the common-password dictionary.
To work with the common-password dictionary in the Management Console, go to .