|
|
|
|
|
|
by stefanoco
997 days ago
|
|
|
The data breach announcement is a bit vague on the meaning of “login pairs”. The best practices of breaches databases of the like of https://haveibeenpwned.com/ is to maintain records of login matter (username, email, password etc) in a strongly hashed format. This still enables searching and comparing but not extracting for later use. Why the database here looks like plain text is totally unclear. Or maybe the passwords are hashed here also (which anyway exposes email addresses)? |
|
|