|
|
|
|
|
|
by madethemcry
920 days ago
|
|
|
Small world. Only yesterday I read that great comment from user
adameasterling about credential stuffing in another thread [1] > Troy Hunt is such a treasure. And for us web application developers, there is no excuse for not having protection against credential stuffing! While the best defense is likely two-factor, checking against Hunt's hashed password database is also very good and requires no extra work for users! That user even listed 23andMe [2] as an example but it's from 60 days ago. This incident is referenced on the techcrunch article. [1] https://news.ycombinator.com/item?id=38521106 [2] https://news.ycombinator.com/item?id=37794379 |
|
|