CJ

My feedback

  1. 1,413 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      59 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
      CJ commented  · 

      I understand the problems with complexity of the + (stripping useful information, etc) but what about periods? If my email is

      plusproblem

      I can put periods anywhere in that email address and they will all resolve to me.

      plus.problem
      pl.us.pr.ob.lem
      plusprobl.em

      You're not adding a suffix, just inserting periods. How complex would it be to detect variations like that? Perhaps a way for a user to opt-in, noting "please check for period variations on my email address"? That way you're not scanning an astronomical number of permutations against a list. For example, knowing I've opted in and my email starts with "pr" look for all breached emails starting with the letters "pr" and strip the periods from them in a temporary list, and compare with mine?

      The reason I ask is because I've used a lot of period variations and can't always remember the way I've used them. I only got notification of a recent breach from a vendor themselves, not HIBP. I could add as many as I could remember to the HIBP mailing list, but don't want to stuff your database with that if this will be added at some point.

    Feedback and Knowledge Base