In view of a number of incidents involving members accounts being taken over due to weak/compromised passwords, we have brought forward the implementation of a password check against Have I Been Pwned's list of 613 million known compromised passwords.
If you're already logged in, you will not be asked to change your password even if your password has appeared on any leaks. However, you will be required to change your password at your next login (or if someone tries to access your account based on a leaked password ).
More information on how this is done is available at https://haveibeenpwned.com/Passwords
If you do not receive a password change prompt, it means your password is unique and secure, and you will not need to do anything further.
We are also currently working on 2 factor authentication, and email logins to further strengthen account security.
Should you have any questions, please feel free to open a thread at the Helpdesk. If you run into any issues with your password change (old expired emails etc), please drop an email to helpdesk@lowyat.net.
Account Security - HIBP Compromised Password Check