Hi Sidsel, On 9/23/21 12:21 AM, Sidsel Jensen via mailop wrote:
Each hash in haveibeenpwned is associated with a count based on how many breaches it’s been found in. If we find a match on the hash we check the count towards a set threshold, and if the count is higher than the threshold the user will get a big red box in his or her webmail saying - “We really think it would be a good idea if you changed your password. Please do it now.
Would you please elucidate as to why you have the threshold higher than one? I would have naively thought that even being listed one time would be enough to warrant asking users to change their password.
I'm trying to understand why you / your company is apparently using a threshold higher than one.
Thank you and have a good day. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
