On 3/24/20 11:36 AM, Steve Freegard via mailop wrote: > I also found that I wasn't discarding some drive-by stuff which is more akin > to > what you were talking about so I've also corrected that which will further > reduce the noise, raise the quality and reduce the number of daily reports > being > sent.
Hi, I have just checked the latest Abusix report I have received for free.fr accounts. Out of the 56 reported accounts, I have : - 8 accounts that have never existed (14.3%) - 2 accounts that do not seem to have ever used the hashed password. These acccounts have never been detected as compromised on my side. - 3 accounts that seem to have used the hashed password but changed it. These accounts have never been detected as compromised on my side. All other accounts (76.8%) have been blocked between 2015 and late 2018 (either their passwords their published in combo lists, or their accounts were detected as compromised) and all the hashed passwords were in my "compromised passwords" list. From my point of view, there has been a great improvement in your reports. But, AFAIAC, there are quite useless as (1) the data is quite old (even if the compromised passwords are still checked) and as (2) I am collecting the compromised passwords to be sure that a user will never reuse a password slightly modified. François _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
