Viewing a single comment thread. View all comments

LnWpxtqPEXyDjAH9rs27 wrote

Have you done even a tiny bit of research?

Downloading the Pwned Passwords list

The entire set of passwords is downloadable for free below with each password being represented as either a SHA-1 or an NTLM hash to protect the original value (some passwords contain personally identifiable information) followed by a count of how many times that password had been seen in the source data breaches. The list may be integrated into other systems and used to verify whether a password has previously appeared in a data breach after which a system may warn the user or even block the password outright. For suggestions on integration practices, read the Pwned Passwords launch blog post for more information.

Please download the data via the torrent link if possible! If you can't access torrents (for example, they're blocked by a corporate firewall), use the "Cloudflare" link and they'll kindly cover the bandwidth cost.

1

Wahaha wrote

No, I don't care enough. My point is that the tool is designed in a way to fish more passwords and the moment you "check" your password with the tool, you have to change it anyway, so there's no point in doing so in the first place.

Also, why would anyone download hundreds of gigabytes to check whether their password is compromised, if one could also just update their password?

1