Nerdy PWs leaked:
Treebeard - “This password has been seen 1,207 times before in data breaches!”
NedStark - 20 times
CerseiLannister - 30 times
youknownothingjonsnow - 61 times
PicardIsSexy - 0 times (!The_Picard_Maneuver@piefed.world you’re safe. ;)
NSFW passwords
spoiler
bigdick - 178,712 (!?!)
bigpussy - 9,226
longpussy - 26
longdick - 10,762
wetpussy - 61,575
wetdick - 579
twat - 6,588
dickhead - 201,942
((More to come later))
I don’t know if I want to be putting my passwords in to something like this lol
If you’re worried, send them to me and I’ll check for you.
Password123!
hunter2
Yeah that one is used, you should change it
I just see *******
Oh lol that one is old
yezzir
deleted by creator
very sane reaction.
I have to say though, haveibeenpwned is very well regarded in the industry, and is run by a well known security expert. A leak from there would be quite the blow to his reputation.
https://en.wikipedia.org/wiki/Have_I_Been_Pwned
That said, while I happily give them my email-addresses, I have never given them my password.
I’m not so sure that it would be a huge blow. He’s only human and everyone is susceptible to the odd mistake.
He did get phished last year and blogged about it after it happened which is the transparent approach that security experts say is the correct response. I’m pleased that he followed the advice that he gives to be honest and don’t think any less of him for suffering a breach.
https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Fair, I misstated that. A deliberate leak from there would be quite the blow to his reputation.
All it takes is a malicious actor to MITM or a compromised codebase or any other malicious things to slip in something and its also pwned.
I’ve seen too many widely recognized and supposedly secure things fail, to trust this with my passwords.
I’d argue though, if you use a single password for everything, its probably more secure to add it here to to at least get an indication when it’s breached. Your surface in that case is already so large that the difference is negligible compared to the gained warning.
That said, don’t reuse passwords!
I hope for humanity’s sake that you’re joking.
Why?
Because using a reputable k-anonymity service is as risky as throwing apple peels in the trash. Or just looking at an apple.
It makes a cryptographically-secure hash of the password you enter, then truncates that before sending it to the server so the only information they get would be in common with a huge number of other passwords. They then send back the leaked passwords with the same truncated hash, and your computer checks to see if what you’ve entered matches anything on the list. It’s not practical to send the whole list for every query as there’s just too much data, but if you don’t trust their site, you can just download the whole list and check against it yourself.
Yeah its fine to look through a list but not going to put in my stuff.
My god you people 😂😂😂
https://lemmy.ca/comment/21535992
which is fine but there is a trust chain or a big homework assignment for me to be comfortable with it.
Use a different VPN server and private mode on each. Easy.
You think people that tech illiterate have any idea how to use a VPN?
I know how to use one. Ive got no idea how to verify that its trustworthy.
Sadly, I know they usually don’t.
https://lemmy.ca/comment/21535992
Holy tech illiteracy batman
Thanks for the explanation. Really makes me want to do it even more.
That rocks my world.
deleted by creator