this post was submitted on 02 Nov 2023
434 points (100.0% liked)

196

16444 readers
1497 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
434
Grule policy (lemmy.world)
submitted 1 year ago by [email protected] to c/[email protected]
15 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 1 year ago* (last edited 1 year ago) (1 children)

If they’re able to determine that you’re using a similar password, it’s because they’re not hashing your passwords and are storing them as plaintext. You should run far far away from any site or service that is able to enforce similarity rules. Because when you properly hash a password, even a minor difference such as upper/lowercase will produce a wildly different result.

[–] [email protected] 19 points 1 year ago

I've been wondering about that. I think they get around it by using the "enter your current password" prompt, so they potentially have it in cleartext for the duration of the session.