For an overview of the Push browser extension and the basic data it collects, refer to this related.
Push uses a browser extension to identify when an employee is using a weak password to log into. If Push has identified one or more weak passwords, you’ll see a Recommended improvement for that employee when viewing the employee’s details in the Push admin console.
You can then use ChatOps to encourage employees with weak passwords to update them. To get started messaging employees, enable the ChatOps topic for.
To determine if a password is weak, the Push browser extension checks the password against:
A list of top 10,000 weak base passwords
Number and special character variations on these weak base passwords, for example: Password1!, January2022
Variations on these weak base passwords that replace letters with numerals (1337), for example: P455w0rd.
All password checks are performed locally in the browser extension, and it never sends passwords anywhere. For more details about how Push securely handles discovery of reused passwords, refer to this related.
You can find the list of top 10,000 weak base passwords used in the Push browser extension on.