Even if they got a password, you'd have to be incredibly stupid to store it in clear text on your database in 2023.
Comment on Shadow PC got hacked, and had user data leak
StorageAware@lemmings.world 1 year ago
Sure your DOB & address were leaked, but don’t worry your password is safe.
TimeSquirrel@kbin.social 1 year ago
TORFdot0@lemmy.world 1 year ago
It’s not exactly that hard to crack passwords from a hash anymore. I don’t know if shadow has MFA but you should assume that if all you have is a password that your account is already compromised.
httpjames@sh.itjust.works 1 year ago
It’s actually pretty difficult still if you’re using secure hashing functions like Argon2 and bcrypt because they’re hard on memory and computational power, meaning brute force attacks are pretty much infeasible, both due to hardware requirements and long hashing times.
atetulo@lemm.ee 1 year ago
Wrong.
0xD@infosec.pub 1 year ago
These things are often saved in entirely different places, so no, that is not a stretch.
Neon@lemmy.world 1 year ago
also, any Company that knows anything about IT doesn’t store Passwords but instead just the Hash of it
debugpointer.com/security/sha256-overview