Password Quality and Badlisting in Kanidm Passwords are still a required part of any IDM system. As much as I wish for Kanidm to only support webauthn and stronger authentication types, at the end of the day devices can be lost, destroyed, some people may not be able to afford them, some clients aren't compatible with them and more. This means the current state of the art is still multi-factor auth. Something you have and something you know. Despite the presence of the multiple factors, it's ...
