Joon-T

Hi. There was a show, I believe it was a Threatwire episode, in which Shannon introduced a web site for checking password hashes against an online database of known password leaks. I can't seem to find it, nor the video and, of course I forgot to bookmark any of the two at that time! Can anyone help and post a link to that video, please? Thanks a lot in advance.

Thanks for your lights, digininja. This said, you've explained how pointless it is on a usability standpoint. I'd like to know more about the security aspects. Like is it pointless even as a security measure given all the other back-doors, known and unknown? You see, I'm not the kind of "give in without thinking twice".

Hi all. I'm a newcomer on Hak5 forum but have been following the channel on Youtube for a little while now. I'm a (moderate) fan. I've been an IT person for about 20 years now and all aspects of security do matter to me. In a previous job I was watching the network security and providing users with common good practices. Although I'm no expert I try my best to act as responsibly as can be, leaving room for improvement — I guess there's plenty of it... For several years now the growing number of security flaws, exploits, vulnerabilities and hacks that have been reported through the news and all the channels that I happened to browse give me the creeps: yahoo breaches, XSS, CPU flaws, software bugs and poor programming practices, which government agencies profit from for spying, poor IoT security, connected spy-tools from Google and Amazon... (I'll stop there.) Not that I'm afraid I rather feel disgusted to the point of wanting to run away from a great part of the technology as much and as far as possible. As a recent measure I am running no-script and am, well, contemplating how the modern web browsing age depends on it... and breaks! For having been a web developer, too, I find it infuriating to see most of these sites rely on javascript to provide the simplest animation or gadget while CSS-only is much wiser and profitable to the user experience. As if no developer couldn't do without like their lives depended on it... (that's only my perception, probably exaggerated.) As I also follow the news and behind the (not-so) recent Meltdown and Spectre flaws that top it all I fee like whatever I can do ends up like putting steel locks with 12 digits on a tipi's curtain. So as for Javascript does it make sense to disable it, given that I don't perceive a browser as a safe platform when it comes to security? I have to confess that I asked this question recently and got slapped so bad I was treated like an obsolete, retrograde, has-been, last-century, ignorant monkey. Anyway I'm pleased to see there are still lots of sites perfectly working without and I'm not sure I'm inclined to going back to a full javascript-enabled experience... Thanks a whole lot, guys and keep the good work.