Run your internal database (in a hashed format) against verified Brazilian wordlists to see how many users are utilizing "high-risk" passwords [3].
Show employees how quickly a password from a common "verified" list can be guessed to encourage the use of password managers and MFA (Multi-Factor Authentication) [2, 5]. Moving Beyond the Wordlist
It includes the most common passwords found in Brazilian-specific leaks (e.g., "123456", "brasil", "senha") [2].
Use the data from these lists to inform your blocklists. Instead of just requiring "special characters," you can specifically forbid common regional patterns [4].
Moving toward passwordless authentication eliminates the risk of wordlist-based credential stuffing entirely [5].
Run your internal database (in a hashed format) against verified Brazilian wordlists to see how many users are utilizing "high-risk" passwords [3].
Show employees how quickly a password from a common "verified" list can be guessed to encourage the use of password managers and MFA (Multi-Factor Authentication) [2, 5]. Moving Beyond the Wordlist
It includes the most common passwords found in Brazilian-specific leaks (e.g., "123456", "brasil", "senha") [2].
Use the data from these lists to inform your blocklists. Instead of just requiring "special characters," you can specifically forbid common regional patterns [4].
Moving toward passwordless authentication eliminates the risk of wordlist-based credential stuffing entirely [5].