Hacker News new | more | comments | ask | show | jobs | submit login

Am I the only one that feels uncomfortable with these kind of sites?

Anyway, I tried "abc124" and received: "It looks like your passwords may be safe. No instances of compromise are recorded in this database. However, it's good practice to change your critical passwords regularly and ensure they are not re-used across multiple sites."




How many people would fall for it if it first asked for e-mail, said it was safe, and then "test your password too?"


well, if it was actually safe to do, a password tester would be smart for a lot of people.

you might think that the phone number of that cute girl in that movie combined with her initials is a safe password, but if you check out some of the password lists that have popped up the last year you'll see that alot of people thought the same way.


Has anyone published stats on some of the password lists that have been released lately? I'd like to know if they still conform to some of the old 'rules' about common passwords and the like. How many are just words with a single digit at the end, how many include no digits. What percentage are dictionary words? What percentage are leet-speak-ified dictionary words, etc.


my passwrod, HUNTER2, is surely safe. I checked with some IT friends I met on IRC. Whenever I type my password, HUNTER2 - the rest of the world cant see it. So I am not worried.


Obligatory quote: http://bash.org/?244321


HN replaces passwords with stars too.

Please try it in your replies.


Downvoting? Come on - there is always delete button.


You're supposed to enter your email address... lol. There's a reason the text box says "Enter email here" and the bottom of the page discussed the "email entered will not be...". Also, it just doesn't make any sense to search by password.

Yes, I would be disturbed if a public site was reversing weak poor choices in hash algorithm and publishing data about the resulting passwords.


However, a "should I change my password site" that takes passwords as an input would be pretty simple, just save the entered password and then say "YES".


Well that's embarrassing. Yes, you're quite right, I read everything except that box and I the bottom text (which was just outside of my scroll view).

The only defense I can offer is that the name, introduction and the feedback text (which should at least check for "@") is kind off or misleading.

Anyway, my fault, I apologize to the web site creator.




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: