Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tomglynch
on June 3, 2019
|
parent
|
context
|
favorite
| on:
Password expiration is dead, long live passwords
Yeah I know - checking a new password is worse!
Turns out he's downloaded a hashed list and is checking against that. Which is fine.
stephenr
on June 3, 2019
[–]
The “regular” api works on a hash of the first handful of characters - in no scenario do you send the actual password to a remote service, so what is your concern?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Turns out he's downloaded a hashed list and is checking against that. Which is fine.