This content is likely not relevant anymore. Try searching or browse recent questions.
whether Google can identify passwords that are too widely shared 0 Recommended Answers 4 Replies 0 Upvotes
An institution has its email hosted by Google (I don't know the domain but I gather managed by Gmail's people). The institution's security is compromised not by Google but by the institution's people almost all failing to change their passwords from the shared default.
A solution would likely require Google (paid for by the institution) to check its servers for password hashes that are identical more often than some threshold for the same institutional customer. I'm writing here in the hope that Google can do that check. I'm not asking Google to do so (I don't represent that institution) but hoping that Google has the capability. I already got in touch with the institution and made suggestions for its security, including that it ask Google for hash counts and ask Google to help the institution force within-institution password changes and also force uniqueness or near-uniqueness through periodic reviews of hashes of all of the institution's users of institutional Gmail to see if too many are identical.
I have a Google login but not Gmail so I may not have access to relevant help pages, especially those for institutional support.
Details
Link to post
Delete post?
This will remove the reply from the Answers section.
Notifications are off
Your notifications are currently off and you won't receive subscription updates. To turn them on, go to Notifications preferences on your Profile page.