Haven’t looked much into the breach, but probably the biggest issue is passwords. If unencrypted, and a user uses the same generic password for their email or bank or whatever, that poses a serious concern.
This highlights the importance of not reusing passwords.
Edit: looks like passwords were hashed with bcrypt, which is really quite excellent. Very unlikely anybody is getting actual passwords from this leak.
If someone’s reusing their passwords then their passwords will likely be found very easily with rainbow tables.
Rainbow tables are mostly irrelevant lately. Well, at least if you follow proper salt and proper recommendations.
Which bcrypt does, since it generates a unique salt per-password.
If your password is long/complex enough, it ain’t going to be on a rainbow table. But yeah.
People reusing passwords probably also aren’t using long and complex passwords.
Why not? They may have one long pass that they remember and use for everything, can’t be bothered to remember more of them.
That’s probably correct, horse battery staple.
I’d hope that passwords would be unencrypted, really they should be hashed ;)
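The per-password salt point made in the thread, as an added example that is not code from any commenter or from the breached service: it stores the same reused password for two accounts, once as a bare digest and once with a fresh salt per record. Python's standard-library PBKDF2 stands in for bcrypt (which is not in the standard library); the record format, user names, passwords and iteration count are assumptions constructed for the illustration.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this demo

# Constructed sample data: two accounts reusing the same password.
SAMPLE_USERS = {"alice": "one-long-reused-pass", "bob": "one-long-reused-pass",
                "carol": "something-else"}

def unsalted_record(password):
    """Weak storage: bare digest, so equal passwords give equal records."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_record(password):
    """Fresh random salt per password, stored beside the hash (as bcrypt does)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "$".join(["pbkdf2-sha256", str(ITERATIONS),
                     base64.b64encode(salt).decode(), base64.b64encode(dk).decode()])

def verify(password, record):
    """Re-derive with the salt embedded in the record; compare in constant time."""
    try:
        scheme, iters, salt_b64, dk_b64 = record.split("$")
        if scheme != "pbkdf2-sha256":
            return False
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(dk_b64)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iters))
    except ValueError:  # malformed or truncated record
        return False
    return hmac.compare_digest(dk, expected)

def users_sharing_a_record(make_record, users=SAMPLE_USERS):
    """Group users whose stored records are identical, as a leaked table would show."""
    by_record = {}
    for user, password in users.items():
        by_record.setdefault(make_record(password), []).append(user)
    return sorted(sorted(g) for g in by_record.values() if len(g) > 1)

if __name__ == "__main__":
    print("unsalted:", users_sharing_a_record(unsalted_record))
    print("salted:  ", users_sharing_a_record(salted_record))
```

With the bare digest the two reusing accounts collapse to one stored value, which is what makes a precomputed table reusable across users; with a salt per record every entry is distinct and has to be worked on separately.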