What wrong with this system to proactively check if customers’ passwords have been found in a breach?
Let’s say that during account creation, I already prohibit passwords known to be reused from breaches of other sites, like if it’s in the Have I Been Pwned list. But breaches happen all the time, so what if my customers’ passwords show up … Continue reading What wrong with this system to proactively check if customers’ passwords have been found in a breach?