Hacker News new | past | comments | ask | show | jobs | submit login

Assuming you managed to instantly change the password on every single service you've used it, yes.



Nobody is talking about it, but to compromise someone, you also need the username, which is not sent.


Ah, that's true. In any case, I don't think this is really a reasonable vector of attack, I was just being pedantic at jgc's "the password is not sent" comment.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: