How MSN can do more harm then good


#1

The article in question: https://www.msn.com/en-us/money/technology/nearly-773-million-email-accounts-have-been-exposed-in-a-massive-data-breach-heres-how-to-check-if-you-were-affected/ar-BBSnsJ7

This article discusses the use of HaveIBeenPwnded to check whether an account you owned may have been compromised. Good for them. Public service. But, then…

The article continues to say, to check whether any of your passwords have been checked, go to the password tab and enter any passwords you have ever used to see if they’ve been compromised. :shifty:

So I’ve already entered my email address, and now I’m supposed to enter any passwords I’ve ever used? Ummm… :eek:

Talk about fast tracking someone to lose their identity :banghead:

I know that they’re trying to provide a public service and help people out, but this is not the way to go about it…


#2

But, but, but, both sites are made by Microsoft people with only good intentions for their users. :smiley:


#3

Troy’s been running HIBP for years and tbh I feel like the password entry is one of those… “If you’re going to type your password into a (random) website, your password is probably on this list.” honeypots.

The lookup service is still a good one though - your email is already mostly public data anyway.


#4

It’s about time something like this has become available. If only there would be similar for credit card numbers, maiden names, school mascots and first automobiles I’d feel much more secure :shifty:

I find this file an interesting read


#5

Second that!

Many years ago, when online fraud was new, I was warned by a concerned police inspector that a card number of mine was found in a suspected group’s possession.

I still use that same card (with no credit) for online purchases and pay services. :slight_smile: