this post was submitted on 25 Aug 2024
564 points (98.5% liked)
Cybersecurity - Memes
1995 readers
1 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That doesn't make it better.
Even if you only store past passwords, that is absolutely disgusting security practice.
I think you don't understand the point.
You enter your current password when changing your password. So it's already there. In memory. There's no need to persist any plain text.
In memory does not allow you to compare to multiple past passwords.
Stop, they might hear you! “Enter your previous 3 passwords”
I mean, Google already does this for account recovery. One of their recovery methods involves entering "the most recent password you remember" and I'm guessing on the back end also does some precision guess work related to the machine making the reset attempt. If it's a LG phone in Fargo ND matching one you were previously logged into it'll be more likely to let you in for example (this is pure speculation based on what I've witnessed people struggling to regain access to their Google accounts go through)