[web] Validate against Banned-Passwords List

[exalate-issue-sync]

Description

User Stories

• As an organization who needs to comply with LSI requirements, I need to validate user passwords against a Banned-Password-List.

Value

• Compliance

Acceptance Criteria

• Add an option to enable a password check against a Banned-Password-List
• if a user tries to set a password that is listed in the banned Banned-Password-List, the password can not be used (is invalid)
• Add valdation message "Unfortunately, your password is commonly used. Please pick a harder-to-guess password for your safety."

Definition of ready

[ ] everybody needs to understand the value written in the user story
[ ] acceptance criteria has to be defined
[ ] all dependencies of the user story need to be identified
[ ] feature should be seen from an end user perspective
[ ] user story has to be estimated
[ ] story points need to be less then 20

Definition of done

• Functional requirements
  [ ] functionality described in the user story works
  [ ] acceptance criteria are fulfilled
• Quality
  [ ] code review happened
  [ ] CI is green
  [ ] critical code received unit tests by the developer
  [ ] automated tests passed (if automated tests are not available, this test needs to be created and passed
• Non-functional requirements
  [ ] no sonar cloud issues