Hacker News new | past | comments | ask | show | jobs | submit login

If your users are getting pwned because they reuse their easy leaked passwords on your service, then that's the real world adversary.

Also, all passwords appear in plaintext at some point. Even when sitting in a type="password" field that was autofilled by your uber secure password manager.

The main problem is that this solution is just pointlessly bad UX for most sites. But worth it (or something like it) if your users are losing real money.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: