GuiGui's Show

As part of our Application Security offering, we offer a free feature that checks if a password has been leaked in a known data breach of another service or application on the Internet. When we perform these checks, Cloudflare does not access or store plaintext end user passwords. We have built a privacy-preserving credential checking service that helps protect our users from compromised credentials. Passwords are hashed – i.e., converted into a random string of characters using a cryptographic algorithm – for the purpose of comparing them against a database of leaked credentials. This not only warns site owners that their end users’ credentials may be compromised; it also allows site owners to issue a password reset or enable MFA. […]

Our data analysis focuses on traffic from Internet properties on Cloudflare’s free plan, which includes leaked credentials detection as a built-in feature. […]

Sur les offres pros, l'option doit être activée, vu que Cloudflare prétend alors agir sur instruction du client afin de se prétendre sous-traitant d'un responsable de traitement au sens RGPD.

#mdp #mot de passe #réutilisations