Hacker News new | ask | show | jobs
by zawerf 2711 days ago
I am not sure you should put too much confidence in the "pwned password" search.

I know one of the weak password I stupidly reuse everywhere was compromised since I had someone buy something with my paypal account. But it comes up as clean in the password search. So it was probably cracked from one of the leaked hashes but the plain text was never entered into the public dumps.
2 comments
M2Ys4U 2710 days ago
Well one can't prove a negative, that is that your password _hasn't_ been leaked.

Knowing that - for sure - a password has appeared in a breach is very useful.

link
113 2710 days ago
It would be impossible for the site to have every password ever compromised.

It can only check against a database of known password leaks.

link