Monday, January 30, 2017

Facebook Accepts Slightly Mis-typed Passwords

Interesting threads on Hacker News and Stack Overflow. It sounds like Facebook accepts different variations on your password, and it also warns if your new password is too similar to your old one. In both cases, this is done by generating strings (e.g. with different case or the last character removed) based on what you typed. Only the hash of the actual password is stored.
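A sketch of how such a check can work when only a salted hash is stored: each candidate string derived from the typed input is hashed and compared against the stored value. This is an added example, not Facebook's code; the function names, the exact variant set and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed parameter for this example, not a recommendation or Facebook's setting.
PBKDF2_ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Slow salted hash; only this value and the salt are stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def variants(typed: str) -> list[str]:
    """Candidate strings derived from the typed input (hypothetical variant set)."""
    candidates = [typed, typed.swapcase()]  # exact input, then Caps Lock left on
    if typed:
        candidates.append(typed[0].swapcase() + typed[1:])  # first letter auto-capitalized
        candidates.append(typed[:-1])  # one stray character at the end
    # Drop duplicates and the empty string while keeping the order.
    return [c for c in dict.fromkeys(candidates) if c]


def matches_stored(text: str, salt: bytes, stored_hash: bytes) -> bool:
    """True if any variant of `text` hashes to the stored value."""
    # Every candidate is hashed before deciding, so timing does not reveal
    # which variant matched.
    results = [
        hmac.compare_digest(hash_password(c, salt), stored_hash)
        for c in variants(text)
    ]
    return any(results)


def verify_login(typed: str, salt: bytes, stored_hash: bytes) -> bool:
    # Each attempt now tests several passwords at once, so attempt limits
    # should account for the larger effective guess budget.
    return matches_stored(typed, salt, stored_hash)


def too_similar(new_password: str, salt: bytes, old_hash: bytes) -> bool:
    """On a password change, flag a new password that is a variant of the old one."""
    return matches_stored(new_password, salt, old_hash)
```

Because the variants are generated from the input and not from the stored secret, the server never needs the plaintext of the old password for either check.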

