Replies: 2 comments 1 reply
-
As mentioned in this article (wayback machine because it doesn't exist anymore):
In other words, it looks up the hashed password, not the password itself, which might be why you didn't find it anyhere. As for what list is used, this reply by a GitHub employee says:
In other words, this is not one list, but many, and it is and will not become public knowledge. |
Beta Was this translation helpful? Give feedback.
-
Thanks for your response, Jorrit. I know how hashes work. But since hashes are supposed to give a unique representation for a certain string, we can be quite certain that we're still talking about my password. And if I cannot find my password in any public database, and Github wants to be all secretive about their sources, I'm just going to guess that Github had their user database compromised, and they're making up a story to avoid having to disclose the breach. |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hi,
Github says that my password is in "a list of passwords commonly used on other websites".
I've checked all the publicly available lists that I could find, and none of them gave a hit on my Github password. And I know that my password is unique, and very random.
So I'd like to know which list Github is using, so that I can check my other passwords as well.
Thanks in advance,
Rob
Beta Was this translation helpful? Give feedback.
All reactions