3 upvotes, 1 direct replies (showing 1)
View submission: How to keep your Reddit account safe
But doesn't reddit know my salt? if they know my salt and they guess my password due to it being leaked on a 3rd party site, they can match a generated salted guessed password hash to the salted password hash I use to login.
In any case you can literally just write a script to log into reddit using leaked username/password combinations and test that way too.
Comment by bathrobehero at 06/05/2019 at 22:28 UTC
1 upvotes, 1 direct replies
I meant if the leaked password are not in plaintext, but hashed, then it should be useless because they should be hashed differently. Everyone should change the default salt data to something else.