Comment by TZubiri Comment by TZubiri 4 days ago 4 replies Copy Link View on Hacker News "Your password is too similar to your previous password"Hmm, how would you know that.
Copy Link Uvix 4 days ago Next Collapse Comment - Don't you generally have to enter the current password to change it to a new one? Reply View | 1 reply Copy Link TZubiri 4 days ago Parent Collapse Comment - Interesting. I guess you could do it on the frontend by asking for old and new passwords simultaneously and sending the hashes to the backend.That said, it means that you can skip this check by hacking around the front end check haha Reply View | 0 replies
Copy Link TZubiri 4 days ago Parent Collapse Comment - Interesting. I guess you could do it on the frontend by asking for old and new passwords simultaneously and sending the hashes to the backend.That said, it means that you can skip this check by hacking around the front end check haha Reply View | 0 replies
Copy Link tharkun__ 4 days ago Prev Next Collapse Comment - By making it less secure. Like those auth schemes back in the day that sounded great in theory until you figured out that in order to implement them the provider had to store them un-hashed. No thanks. Reply View | 0 replies
Copy Link throwaway843 4 days ago Prev Collapse Comment - Hash each character. Reply View | 0 replies
Don't you generally have to enter the current password to change it to a new one?