
Thanks for the comment. It’s enough of the hash shared for me to be uncomfortable and for me to recommend not using it.

I applaud them for limiting the risk. But when the information shared with them lets a bad guy know the 500 possible matches out of trillions, that’s not good.

It’s not literally clear text, which is nice. But it’s not without risk. And it’s not a good practice to share portions of password hashes with untrusted parties. Like a friendly hacker who runs a nonprofit site or whatever company buys it.




What you do with your own data is your decision, but if these details are enough for you to _recommend_ that other people not use it, then your advice needs to come with an "I ignore math in favor of uninformed prejudice" disclaimer, because you're making things worse with your security mysticism.


That wouldn’t be a disclaimer that is accurate, so I don’t think I would use it.

Anyone who takes my security recommendations is already familiar enough with my math vs. informed prejudices balance.


Keep in mind that your password may not be contained in the result set from HIBP (and if it is, you should likely change it anyway). So the attack space is only reduced to "any string whose hash begins with these characters", which should be considerably larger than 500 or however many results HIBP returns. It would be drastically smaller only if the attacker knew the hash was contained in HIBP.

Effectively, since HIBP asks for 5 characters of the hash, the space is the same as if the full hash were 5 characters shorter.
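
The k-anonymity check the comment above describes, as an added example that is not code from the original thread or from HIBP itself: the client hashes the password with SHA-1, sends only the first 5 hex characters, receives every suffix in the corpus sharing that prefix, and compares locally. The range response body below is constructed to run offline (the counts are made up; the only real value is the SHA-1 of "password"), and `fetch_range` is a hypothetical stand-in for the HTTP call to the range endpoint.

```python
import hashlib

PREFIX_LEN = 5   # the range API takes the first 5 hex digits of the SHA-1
HASH_HEX_LEN = 40  # SHA-1 is 160 bits = 40 hex digits


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the password, as the range API expects."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_hash(password: str):
    """Return (prefix sent to the server, suffix kept on the client)."""
    digest = sha1_hex(password)
    return digest[:PREFIX_LEN], digest[PREFIX_LEN:]


# Constructed stand-in for a range response: one "SUFFIX:COUNT" line per
# corpus hash sharing the prefix. A real response for a prefix typically has
# several hundred lines; the filler suffixes and all counts here are made up.
FAKE_RANGE_DB = {
    "5BAA6": "\r\n".join([
        "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493",  # SHA-1("password") suffix
        "0123456789ABCDEF0123456789ABCDEF012:2",        # constructed filler
        "FFFEEEDDDCCCBBBAAA99988877766655544:7",        # constructed filler
    ]),
}


def fetch_range(prefix: str) -> str:
    """Hypothetical offline replacement for GET .../range/{prefix}."""
    return FAKE_RANGE_DB.get(prefix.upper(), "")


def parse_range(body: str) -> dict:
    """Parse 'SUFFIX:COUNT' lines into {suffix: count}."""
    matches = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        if len(suffix) != HASH_HEX_LEN - PREFIX_LEN:
            continue  # malformed line; ignore rather than mis-match
        matches[suffix.upper()] = int(count)
    return matches


def pwned_count(password: str, fetch=fetch_range) -> int:
    """Number of times the password appears in the corpus, 0 if absent.

    Only the 5-character prefix ever leaves this function; the full hash and
    the suffix comparison stay on the client.
    """
    prefix, suffix = split_hash(password)
    return parse_range(fetch(prefix)).get(suffix, 0)


def candidates_given_prefix(prefix_len: int = PREFIX_LEN, hash_bits: int = 160) -> int:
    """How many SHA-1 outputs are consistent with a leaked prefix.

    The server learns 4*prefix_len bits of a hash_bits-bit digest, so the
    remaining space is 2**(hash_bits - 4*prefix_len): the 'hash 5 characters
    shorter' point made in the comment above, not the ~500 corpus entries.
    """
    return 2 ** (hash_bits - 4 * prefix_len)


if __name__ == "__main__":
    print(pwned_count("password"))        # present in the constructed corpus
    print(pwned_count("some other pw"))   # prefix not in the corpus -> 0
    print(candidates_given_prefix())      # 2**140 hashes share any given prefix
```

The reduction to "one of ~500" only applies to passwords that are actually in the corpus; for one that is not, the prefix narrows the attacker's search from 2^160 to 2^140 hash values, which is the point the comment makes.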


This is a good point, as not all passwords will be in the known set.

I guess it’s only a 1:500 if the password has been pwned. In which case, the owner should promptly change it and remove the risk.

Thanks, I didn’t think of that. For some reason I was stuck in thinking that all passwords have been pwned and in the file.


Why? I would be concerned only with the full hash (because people tend to use the same few passwords across many places), but given it's a partial hash, there's literally no info being sent around.



