this post was submitted on 12 Oct 2023
333 points (93.2% liked)
Cybersecurity - Memes
1996 readers
1 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
well acshully...
I can imagine this could happen if sites change the implementation, e.g. their password hashing algorithm, in a way that require a password reset. (e.g. the site still used md5 or sha1 for password hashing). They won't allow login with the broken hash. But they still check if the new password is the old one, since the old one could be compromised.
Omfg, I didnt even think of this.