16 upvotes, 1 direct replies (showing 1)
View submission: Q4 Safety & Security Report
What do you do when you discover a Reddit account has had its password breached? Do you send an automated PM telling them to change their password?
Comment by UndrgrndCartographer at 16/02/2022 at 23:23 UTC
30 upvotes, 1 direct replies
Great question -- when our system sees an account has a breached password, we take a “Protective Account Security Action”[1] (you can see the numbers for that in the report above as well). This means we send a message and an email asking the user to change their password, and restrict certain account functions until the user resets their password.
1: https://www.reddithelp.com/hc/en-us/articles/360045735031