Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
wizofaus
on Dec 1, 2022
|
parent
|
context
|
favorite
| on:
Lastpass Security Incident
Not sure why you would think that was necessary or at all likely. We have these things called hashes...
8n4vidtmkvmk
on Dec 1, 2022
[–]
that doesn't explain anything. they shouldn't be uploading unsalted hashes either. and if it's salted, it won't match with any database
wizofaus
on Dec 1, 2022
|
parent
|
next
[–]
True, the best solution is to download the list of hashed "bad passwords" and check if the one entered matches against that.
neevans
on Dec 1, 2022
|
parent
|
prev
[–]
if salted hash is leaked then it doesn't matter and does not need to be detected anyway.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
