This changes the default config to not allow the top 25 passwords
to be used by Sysop/Crats. This should almost certainly be set to
a higher number, but I think its best to wait until after this is
comitted to argue over what the best value is.
I would expect that once this is comitted, there would be a config
change for wmf wikis, so that there is no change until this has
been discussed with the community.
The included common password file was generated from the first
10000 entries of
https://github.com/danielmiessler/SecLists/blob/master/Passwords/rockyou.txt?raw=true
10,000 was chosen based on csteipp's suggestion.
Change-Id: I26a9e8f2318a1eed33d7638b125695e8de3a9796
2d15dcfc3f