I'm a day and a half behind with this week's update again - sorry! Thursday and Friday were solid with training in Melbourne so I recorded Saturday and am pushing this out in the early hours of Sunday before going wakeboarding - is that work / life balance? But there's been a hell of a lot going on, particularly around HIBP and I'll be talking a lot more about that in the weeks to come.
For now, I did actually get a post out this week and also found myself in a rather unexpected debate about password managers, biometrics and "fun". I spend quite a bit of time this week talking about that, I'm curious to hear other people's thoughts on it too. Next week's update will be with Scott Helme again so if there's anything in particular you'd like to hear from him (us), drop me a note on it.
References
- Last week's update had some really off the mark comments about biometrics and password managers (still not sure whether that was spam or organic comments)
- Pwned Passwords did 16M requests in a day with a 99.4% cache hit ratio! (I expect that ratio will only go up as demand increases)
- PayPal's cert hasn't been showing EV in Chrome since September (which perfectly demonstrates why EV doesn't work as advertised)