If you get a user-password combo, you can try it in more sensitive sites that ma... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Fargren on Nov 20, 2013 \| parent \| context \| favorite \| on: Weak passwords brute forced If you get a user-password combo, you can try it in more sensitive sites that may have stronger protection against brute force attacks. People reuse passwords a lot, specially the kind of users that use weak passwords on the first place. If the account has an email address connected to it, you can also try the password against the e-mail account. That can be worth quite a lot if it works.

Wingman4l7 on Nov 20, 2013 [–]

Ah yes, what with the usual "email address being the skeleton key to your online identity" and all. I keep forgetting about this, and find myself wondering why the heck people are phishing me for my LinkedIn account login.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact