Only if you are not able to characterize the hashing scheme, or if you think the app uses a static salt that you don't know. Then having a known plaintext would help figure it out. But I think you would only need one, not a ton of them.
It seems like if someone hacks a system so badly that they get the whole DB, they can probably also figure out the hashing scheme while they are in there.
I doubt that a dramatic uptick in new user registrations is a useful precursor signal.
It seems like if someone hacks a system so badly that they get the whole DB, they can probably also figure out the hashing scheme while they are in there.
I doubt that a dramatic uptick in new user registrations is a useful precursor signal.