Follow
Just received an extortion email revealing that a weak password was associated with my email address - somewhere. Checked my password manager. Now I know who isn't salting their passwords.
@grumpysmiffy They’re not on the Have I Been Pwned list so either they don’t know they’ve been compromised or they’re not telling. Guess which is more likely.
@futzle Yup. And why they've changed their password requirements.
@futzle They've got some really neat shit, but security is NOPE. When I changed my password, requirements were min 8, max 10, must include digits and mixed case. 10???
My lovely high-entropy XKCD correct-horse-battery-staple (in which I mix languages) don't get a look in
@grumpysmiffy Name and Shame.