this post was submitted on 02 Nov 2023
409 points (100.0% liked)

196

16285 readers
3693 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
greembow@lemmy.blahaj.zone
moss@lemmy.blahaj.zone
moss@lemmy.world
queue@beehaw.org
funky_rodent@lemmy.blahaj.zone
PeachyMcPeachface@lemmy.blahaj.zone
threegnomes@lemmy.blahaj.zone
greembow@lemmy.world
remotelove@lemmy.ca
Roflmasterbigpimp@feddit.de
qaz@lemmy.world
A_Very_Big_Fan@lemm.ee
qaz@lemmy.blahaj.zone
qaz@lemmy.ca
A_Very_Big_Fan@lemmy.world
qaz@lemmy.dbzer0.com
Qaz@lemmy.ml
qaz@sh.itjust.works
qaz@lemmy.sdf.org
409
Grule policy (lemmy.world)
submitted 11 months ago by tb_@lemmy.world to c/196@lemmy.blahaj.zone
15 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] PM_Your_Nudes_Please@lemmy.world 27 points 11 months ago* (last edited 11 months ago) (1 children)

If they’re able to determine that you’re using a similar password, it’s because they’re not hashing your passwords and are storing them as plaintext. You should run far far away from any site or service that is able to enforce similarity rules. Because when you properly hash a password, even a minor difference such as upper/lowercase will produce a wildly different result.

[–] bloopernova@programming.dev 18 points 11 months ago

I've been wondering about that. I think they get around it by using the "enter your current password" prompt, so they potentially have it in cleartext for the duration of the session.