this post was submitted on 27 Oct 2023
1303 points (98.0% liked)

Memes

45657 readers
1324 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1303
Add-on: same password, same identity. (lemmy.world)
submitted 1 year ago by woshang@lemmy.world to c/memes@lemmy.ml
177 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] kamen@lemmy.world 37 points 1 year ago (3 children)

Imagine a site telling you "Sorry, you can't use asdf123 as your password: you've already used it on that other site".

[–] A_Very_Big_Fan@lemmy.world 7 points 1 year ago (1 children)

That's not as far fetched as it sounds. Any website worth its salt will store your password as a hash, so if they started sharing the hashes with each other they could prevent you from reusing passwords without changing much security-wise

[–] kamen@lemmy.world 10 points 1 year ago

Any website worth its salt will salt the hash as well...

[–] FakinUpCountryDegen@lemmy.world 6 points 1 year ago

It would be better if you had a local tool telling you that - one that you control and only exists on your personal devices, kind of like secure messaging platforms such as Signal.

Another great later would be for all compromised passwords found in breaches to never be usable anywhere ever again, thus helping to thwart the most common form of breach we see today: credential stuffing.

[–] UrPartnerInCrime@sh.itjust.works 2 points 1 year ago (1 children)

Sorry you can't use *******

That wouldn't help that much

[–] kamen@lemmy.world 2 points 1 year ago (1 children)

This was supposed to be a joke; of course it wouldn't.

[–] JoeBigelow@lemmy.ca 2 points 1 year ago* (last edited 1 year ago)

It's a pretty old meme, hunter11, but it checks out.