Password CommonList validator for Symfony

v0.3.0 2023-10-28 18:56 UTC

This package is auto-updated.

Last update: 2024-04-27 11:26:26 UTC


This package provides a Symfony Validator for the xato-net-10-million-passwords-1000000 CommonPassword list.

Note: It's better to use the NotCompromisedPassword validator when possible. The PasswordCommonList should only be used when network access is limited or restricted.

Only passwords of 6 or more characters are included in this list.


To install this package, add rollerworks/password-common-list to your composer.json:

$ php composer.phar require rollerworks/password-common-list

Now, Composer will automatically download all required files, and install them for you.

Note: To use this library with a Symfony Application make sure the \Rollerworks\Bundle\PasswordCommonListBundle\RollerworksPasswordCommonListBundle is enabled.


You need at least PHP 7.4, mbstring is recommended but not required.



The password validators do not enforce that the field must have a value! To make a field "required" use the NotBlank constraint in combination with the PasswordCommonList validator.

Use the Rollerworks\Component\PasswordCommonList\Validator\Constraints\NotInPasswordCommonList constraint as described in the Symfony Documentation. This constraint has no special options.


For transparency and insight into the release cycle, and for striving to maintain backward compatibility, this package is maintained under the Semantic Versioning guidelines as much as possible.

Releases will be numbered with the following format:


And constructed with the following guidelines:

  • Breaking backward compatibility bumps the major (and resets the minor and patch)
  • New additions without breaking backward compatibility bumps the minor (and resets the patch)
  • Bug fixes and misc changes bumps the patch

For more information on SemVer, please visit


This library is released under the MIT license.


This is an open source project. If you'd like to contribute, please read the Contributing Guidelines. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section.