Hacker News new | past | comments | ask | show | jobs | submit login

What site out there is sending my plaintext passwords to a 3rd party service to validate their strength?



Hopefully none, and hopefully they are all following best practices to protect your password, but you trust them regardless. Besides, who said plain text, such service could use ssl.


I think he meant plaintext as opposed to a hash of the password.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: