Answer by dhasenan for If a password is compromised, is a "similar" password...
This depends on what you are worried about. For a wide-scale, automated attack using credentials from one site on others, the attacker will go after the easiest portion first -- people using exactly...
View ArticleAnswer by yogsototh for If a password is compromised, is a "similar" password...
My short answer is YES. For example : strongpassword+game.com compromised, If I am an attaquer it is really easy for me to understand the pattern you used and try it on other websites. For example...
View ArticleAnswer by Michael Trausch for If a password is compromised, is a "similar"...
It really depends on what you're getting at! There are an arbitrary number of methods for determining whether a password is similar to another one. Let's say for example that you use a password card,...
View ArticleAnswer by queso for If a password is compromised, is a "similar" password...
To answer the last part first: Yes, it would make a difference if the data disclosed were cleartext vs. hashed. In a hash, if you change a single character, the entire hash is completely different. The...
View ArticleIf a password is compromised, is a "similar" password also compromised?
Suppose a user uses a secure password at site A and a different but similar secure password at site B. Maybe something like mySecure12#PasswordA on site A and mySecure12#PasswordB on site B (feel free...
View Article