• Charzard4261@programming.dev
    link
    fedilink
    arrow-up
    3
    ·
    26 days ago

    Not a silly question! The answer is technically yes, but not really.

    Considering there are still sites that store plaintext passwords, there has to be some that just hash it and call it a day. For those, once you crack the hash, you know everyone with the same hash has the same password. Any real site does some more complex stuff to “personalise” each hashed password.

    The real issue is when you reuse the password and it gets cracked once, people will try that with your email for other leaks and live sites. If a lot of people use the same password (like “password123”), they’re likely to try it as one of the first guesses to crack any new leaks.

    I’m oversimplifying my already oversimplified knowledge of basic cryptography, but it’s a really interesting topic!