@x0rz I wonder what would happen if someone get web server's logs from haveibeenpwnd.com .They are at least 4 providers involved on this web: Google(Analytics), Raygun, Cloudflare, Microsoft (Azure). So if you check pswd there, you should always change it afterwards, no matter of results
Excellent point @nedelne_rano. I even looked at the code to see if someone developed it for real.
Then I've noticed, even if my Python knowledge is subzero, that they are checking the first 5 characters of the hash not the password itself, so at the end is not too bad.
@x0rz Thanks mate.
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!