Hacker News new | ask | show | jobs
by jrodthree24 1565 days ago
My company just fixed this. By requiring you to change your password by more than the last character. Really cutting edge security here.
1 comments
orthecreedence 1564 days ago
2password

3password

4password

...

>=]

link
ozim 1564 days ago
https://en.wikipedia.org/wiki/Levenshtein_distance

Anything below 5 in distance gets rejected, try again, please.

While you get to change password you make 2 boxes with current and new of course and do your comparisons on it, just to explain you still keep passwords hashed.

link
benhurmarcel 1564 days ago
password01january

password02february

password03march

...

link