Comment on Plex got hacked.
moseschrute@lemmy.world 10 hours agoCan you also use a list of common passwords and a ruleset you apply to those common passwords, and then hash(applyRule(commonPassword)) == compromised hash ?
Comment on Plex got hacked.
moseschrute@lemmy.world 10 hours agoCan you also use a list of common passwords and a ruleset you apply to those common passwords, and then hash(applyRule(commonPassword)) == compromised hash ?
AA5B@lemmy.world 8 hours ago
I’m not entirely sure what you mean but my password manager alerts when the hash of one of my passwords matches one from a dark web data dump, and prompts me to replace it with a newly generated one.
I’m sure it’s not a unique feature
Admittedly I do have a few bad password, a combination of I don’t see how I could care (like a Reddit alt account) and sites that break the password change automation (yeah I’m lazy)
moseschrute@lemmy.world 7 hours ago
I wonder how that works. The point of password hashing is to uniquely scramble your password. So userOneHash(“password”) should give a different output than userTwoHash(“password”) even if they use the same password. So your password manager shouldn’t really be able to generate the same password hash since an infinite number of hashes can be generated from the same password.