Woof. This is why it’s critically important to use a password manager. We simply have too many accounts to remember unique passwords, and repeatedly we see some of those accounts will get breached and your details stolen.
This is why it’s critically important to use a password manager.
Except for people who used 1Password, DashLane, LastPass, Enpass, Keeper, and Keepass2Android.
Anyone have a link to the actual list? [Or, more specifically, has haveibeenpwned incorporated it? I can’t find anything on their site stating so.]
The article says their tool “will” include the new ones, so I plan to check it and haveibeenpwned in a couple days.
Thanks, mate! I’m sure I can find the list on the dn somewhere, but I don’t actually want/need the list itself.
Same and I’m not sure I want my browser history to have that I went looking for it lol
https://haveibeenpwned.com/ is another option that has the largest data base of passwords, phone numbers and e-mail
So, only passwords, right? Not associated with usernames?
I would assume that because the original rockyou list was always just used for dictionary brute force attacks, so no associated usernames.
Correct. This is a brute force dictionary. It’s a very powerful tool, but it’s applications are severely limited. Any well designed system has protection from brute force attacks. It’s mostly useful for stuff like cracking encrypted databases, which would be a situation where the target is entirely under your control. You can’t just break into someone’s Gmail with it.
How would you even crack an encrypted database? I guess the hacker somehow stole it from the server and has it in their dump of other databases they’re trying to crack? I don’t do hacking, I’m just curious with how it works.
password123 is still my password of choice.
