mkb: not that they couldn't do that without forcing a change
brycec: Yeah that makes sense. Assuming it was stored hashed in the first place, they may still want to improve it, eg. using a higher number of PBKDF2 cycles than had been initially used.
Good thinking.
***: Guest2203 is now known as pjs
mercutio: facebook is down :)
mike-burns: Yay!
brycec: Huh. I just got the same email as nathani
It links to https://www.dropbox.com/help/9257?oref=e
Embarrassingly, it's right. I set that password on Sep 11, 2012 according to my password manager. Bryce should know better... But hey, at least U2F.
"we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. "
Well this was fun to sit back and watch https://blog.lastpass.com/2014/12/introducing-auto-password-changing-with.html/
wtf... it just set it to one of my other passwords.
***: Nahual has joined #arpnetworks
dj_goku has quit IRC (Ping timeout: 252 seconds)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
Nahual has quit IRC (Quit: Leaving.)
nathani: The most important takeaway and useful in general and hence the need for password managers in the first place: "However, if you’ve reused your password on other sites, you should update those passwords." ie: Dont re-use passwords