
Analyzing haveibeenpwned password safety with kNN - kdn251
https://medium.com/@eugenhotaj/knn-for-pwned-passwords-e4895f66b836
======
bradknowles
This doesn’t actually analyze HIBP in any way. In this case, HIBP is just an
inspiration for this article.

This algorithm just checks a password you enter against the Levenshtein
distance of words in the password database, and if you are close enough, it
tells you that there is a match.

That’s two totally different things.

And the HIBP database is huge compared to anything the author might have dealt
with here.

Moreover, algorithmic complexity of calculating Levenshtein distances on huge
databases has not been considered.

~~~
eugenhotaj
Hi, author here. Thanks for reading! Yea these are all great points and most
are brought up in the article.

