CJ

My feedback

  1. 1,657 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    69 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    CJ commented  · 

    I understand the problems with complexity of the + (stripping useful information, etc) but what about periods? If my email is

    plusproblem

    I can put periods anywhere in that email address and they will all resolve to me.

    plus.problem
    pl.us.pr.ob.lem
    plusprobl.em

    You're not adding a suffix, just inserting periods. How complex would it be to detect variations like that? Perhaps a way for a user to opt-in, noting "please check for period variations on my email address"? That way you're not scanning an astronomical number of permutations against a list. For example, knowing I've opted in and my email starts with "pr" look for all breached emails starting with the letters "pr" and strip the periods from them in a temporary list, and compare with mine?

    The reason I ask is because I've used a lot of period variations and can't always remember the way I've used them. I only got notification of a recent breach from a vendor themselves, not HIBP. I could add as many as I could remember to the HIBP mailing list, but don't want to stuff your database with that if this will be added at some point.

Feedback and Knowledge Base