undefined | Better HN

0 pointsryanlol8y ago0 comments

I made a very specific claim which I can back up with actual data if necessary.

I will make that claim even more specific:

Less than 5% of the email:password combinations in the linkedin dump work today as email logins. “most” suggests a far higher success rate.

0 comments

Godel_unicode8y ago

You added a predicate not present in the statement you replied to, "where mailprovider like LinkedIn_dump.mailprovider". Anecdotally, in authorized enterprise password audits I am frequently forced to remind people who were part of that breach that they need to change all instances of their compromised password, not just the one for the email they used in the breach. Maltego is a thing.

Also, with regard to your claim to have data about which passwords work. You should be aware that accessing someone's account with their username:password without permission (even a breached password) is likely illegal in the United States under the CFAA.

j / k navigate · click thread line to collapse

0 pointsryanlol8y ago0 comments

I made a very specific claim which I can back up with actual data if necessary.

I will make that claim even more specific:

Less than 5% of the email:password combinations in the linkedin dump work today as email logins. “most” suggests a far higher success rate.

0 comments

Godel_unicode8y ago

j / k navigate · click thread line to collapse