Cybersecurity

5 readers

17 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

shellsharks@fedia.io

tweedge@fedia.io

Password reuse is rampant: nearly half of observed user logins are compromised (hear-me.social)

submitted 1 day ago by Jerry@hear-me.social to c/cybersecurity@fedia.io

2 comments fedilink hide all child comments

Password reuse is rampant: nearly half of observed user logins are compromised

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#CyberSecurity

top 2 comments

sorted by: hot top controversial new old

[–] scottwilson@infosec.exchange 2 points 1 day ago (1 children)

@Jerry@hear-me.social How would Cloudflare know this, unless they are intercepting and LOOKING AT credentials and otherwise HTTPS-encrypted traffic?

[–] Cheradenine@sh.itjust.works 4 points 1 day ago* (last edited 1 day ago)

I'm no fan of Cloudflare, but did you read the article?

As part of our Application Security offering, we offer a free feature that checks if a password has been leaked in a known data breach of another service or application on the Internet. When we perform these checks, Cloudflare does not access or store plaintext end user passwords.

They then go on to say they hash them and compare the hash to a db.

It's an interesting read