Comment by bwfcwalshy on 26/02/2020 at 22:28 UTC*

5 upvotes, 0 direct replies (showing 0)

View submission: Reddit Security Report -- February 26, 2019

As we mentioned in the previous post, we finished a massive historical credential matching effort. This is why we see a significant reduction in both the number of accounts processed and the protective account actions. With this complete, we can start working on more account hardening efforts like encouraging 2fa for high value accounts (think mods and high karma accounts) and ensuring that people aren’t using commonly-breached passwords

I'm glad to see more action being taken against account security (also huge props for using HIBP!!).

The "ensuring people aren't using commonly-breached passwords" Will at least part of this checking with HIBPs API during the login/signup flow and then if using a pwned password **at least** strongly encourage the user to change/use another password?

Replies

There's nothing here!