undefined | Better HN

0 pointszawerf7y ago0 comments

I am not sure you should put too much confidence in the "pwned password" search.

I know one of the weak password I stupidly reuse everywhere was compromised since I had someone buy something with my paypal account. But it comes up as clean in the password search. So it was probably cracked from one of the leaked hashes but the plain text was never entered into the public dumps.

0 comments

M2Ys4U7y ago

Well one can't prove a negative, that is that your password _hasn't_ been leaked.

Knowing that - for sure - a password has appeared in a breach is very useful.

1137y ago

It would be impossible for the site to have every password ever compromised.

It can only check against a database of known password leaks.

j / k navigate · click thread line to collapse