Quote:
Originally Posted by luka
The site is legit. You only have to enter your email address and no passwords so it is not collecting much useful information.
|
..except a valid email address that can be sold to telemarketers.
And any site that is for testing a password strength (not this site) can be used to collect passwords people are using or want to use, to add to a dictionary file to help dictionary attacks succeed before resorting to brute force. Human nature being what it is people often use the same password or a varient over and over, especially online. its just either for people to have a single password for all online forums or for all their online banking accounts etc. very few people generate high strength random sequences for any accounts in practice. or create throwaway email accounts for all those stupid "must supply valid email for this site you'll only ever visit the once" websites. ANY little fragment of information you type into a website can and probably will be collected for someone to profit from.