Sign in / up

back to article Pwner pwns Pwnedlist pwnage property, pours pwned passwords

Security researcher Bob Hodges has found a critical flaw in PwnedList, an email service that allows users to check if their email addresses have been exposed by prominent hacks. PwnedList checks "commonly circulating lists of accounts and passwords" and lists some 866 million compromised credentials. The parameter tampering …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. lglethal Silver badge
    Devil

    Call me cynical

    But that seems like an excellent way to gather people's emails and passwords...

    "Roll up, roll up, Ladies and Gentleman. Give ME your emails and passwords and I'll check to make sure they have been compromised by other miscreants."

    "Here you go. Has my account been compromised?"

    "Well it hadn't been..."

    9 0 Reply
    1. Ian 55
      Reply Icon

      Re: Call me cynical

      It just wanted to know the email address.

      For sensitive stuff, like the AM hack, it also checked it was yours...

      But as he said, this info was already leaked - that was the point of the site.

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like