v2#PwnedPasswords

The API at https://haveibeenpwned.com/API/v2#PwnedPasswords provides an API of compromised passwords.

This would be a good thing to check against when a user changes their password along with cracklib.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information