Use the dsconfig tool to configure the Pwned Passwords Password Validator.

  1. Run the dsconfig tool to update an existing password policy to use the Pwned Passwords Password Validator, replacing [PASSWORD_POLICY_NAME] with the name of your password policy.
    dsconfig set-password-policy-prop \
             --policy-name "[PASSWORD_POLICY_NAME]" \
             --add "password-validator:Pwned Passwords"
  2. Test the validator by submitting a password that is known to be compromised; for example, password.