Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Many people here have echoed similar sentiments, but I really wish they would give you any sort of information so you could have any sort of idea of what got pwned and ideally when. Was it a bank account, or some random forum? As it stands the action of even processing this data was of very little utility.

As with roughly a quarter of the planet, I was in this breach. My 1Password Watchtower is green. I cycle important passwords regularly. Back 10-15 years ago my passwords like most peoples were much shorter and not randomly generated. All of them for everything show up in the passwords search.

The utility of Have I Been Pwned approaches zero the longer you have been on the internet, and I have been on the internet since the late 1990s.

We're left in a place where everyone but the victim knows the compromised account, and that's just kind of absurdly useless.



> The utility of Have I Been Pwned approaches zero the longer you have been on the internet, and I have been on the internet since the late 1990s.

I mean if your 1Password is green then HIBP has definitely helped.

First of all, without HIBP, you wouldn't have Watchtower.

HIBP has raised awareness on having unique passwords per site.

HIBP has achieved that multiple services now can and check if particular password is leaked or not.

Of course you could argue that since your security hygiene is so good you don't need HIBP. True. Let's pretend every people on planet will be generating unique passwords per service. Great. HIBP will have achieved enourmous job of making the planet more secure.

And still a notification if you appear in some breach that can be attributed to a service - good signal to change password.

Hats off for you cycling the password.. Have you ever ran into problems with that? Say you kinda rotated password but it no longer is accepted or something?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: