common: Check new passwords against https://haveibeenpwned.com/API/v2#PwnedPasswords
The API at https://haveibeenpwned.com/API/v2#PwnedPasswords provides an API of compromised passwords.
This would be a good thing to check against when a user changes their password along with cracklib.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information