Mark Burnett, an independent security analyst, recently released 10 million passwords and usernames. Burnett scrubbed financial and domain information from the data and said his goal was “
to further research with the goal of making authentication more secure and therefore protected from fraud and unauthorized access.”
Was this decision a responsible approach improving password security?
Listen to our latest security slice podcast and hear
Tim Erlin,
Craig Young and
Lane Thames discuss why it was necessary to include usernames in the data dump, the difference between publishing and trafficking in passwords and why legal action against Burnett could hurt future security research.
MORE PODCASTS