81 upvotes, 11 direct replies (showing 11)
View submission: How to keep your Reddit account safe
Reddit, like many other online services, utilizes public breach disclosure information of leaked passwords posted online to proactively detect if those passwords can be used to log in to your Reddit account. This is performed securely by following the same procedure with the password as you would to verify it works, and if successful we immediately force a change to reset your password to invalidate that externally compromised credential.
Comment by FakeAmazonReviews at 06/05/2019 at 17:26 UTC
37 upvotes, 3 direct replies
Is there a way I can force a reset of my password? I forgot it, apparently never verified my account. I can still log in through the reddit app but can't login to website reddit to verify my email.
Comment by [deleted] at 06/05/2019 at 17:26 UTC*
7 upvotes, 3 direct replies
[deleted]
Comment by ready-ignite at 06/05/2019 at 18:10 UTC
5 upvotes, 2 direct replies
I'm surprised the submission doesn't touch on popular reddit add-ins that store account login detail locally in plain text.
Comment by It_Might_Be_True at 06/05/2019 at 17:38 UTC
2 upvotes, 6 direct replies
Can you explain how you do this without having a password in plaintext?
Comment by g_e_m_anscombe at 07/05/2019 at 05:15 UTC
2 upvotes, 0 direct replies
Thank you for explaining and for doing this. It’s really cool!
Comment by idontgotgoodname at 07/05/2019 at 02:32 UTC*
1 upvotes, 1 direct replies
Do what fortnite and xbox does; use 3 step authentication wich is email, password, then phone and then *use your phone number or home address for the passcode*
Comment by [deleted] at 06/05/2019 at 19:30 UTC
0 upvotes, 5 direct replies
If Reddit wouldn't force us to display our username everywhere and attach to everything we post, then leaked passwords wouldn't do any good. If you don't know the username, then a password loses its power. And no, nicknames don't work here.
​
For security, having a private login that's never ever displayed to anyone but the user would be the way to go. Then, as long as it's tied to a private e-mail, you're 100% safe. My logins are never tied to emails I use for the public. With most of my logins, I could tell you my password and you still couldn't log in. Not without my login! I really don't understand how Reddit can not know this.
Comment by DanHalen_phd at 07/05/2019 at 14:14 UTC
1 upvotes, 0 direct replies
So our passwords are stored in plain text?
Comment by Smart_Guy_420 at 07/05/2019 at 09:48 UTC
1 upvotes, 0 direct replies
You got downvoted for no reason
Comment by [deleted] at 06/05/2019 at 18:34 UTC
-5 upvotes, 3 direct replies
This is a lie lol my buddy hacked a furry's account with a password she got from a roblox account password dump with the same email for both accounts
Comment by Precat8 at 06/05/2019 at 19:10 UTC
-1 upvotes, 0 direct replies
Bro why u have 1.4k downvotes on the other post