It is not just the words in a password. It is how they are used, what context they are used in, if they have been exposed online, and other factors.
A strong password isn’t necessarily a safe password. Although many passwords meet typical algorithmic strength requirements, they may still be unsafe if they exist in password cracking dictionaries used by cybercriminals.
You can see if a sample password is generally safe, weak, or compromised here.
Don’t let your employees use weak or compromised passwords!
You can enable quick-to-deploy automated password policy enforcement and daily exposed password screening in Active Directory. With fully automated weak password filtering, fuzzy password matching, password similarity blocking, and custom password dictionary filtering; enterprises can easily adopt NIST password requirements and secure employee passwords.
If you want to learn how to block similar passwords and screen your Active Directory accounts daily for compromised passwords, read our paper on how to solve the password problem.
To see how it can work, review this paper from Cybersecurity Insider.