Fixing Data Breaches Part 2: Data Ownership & Minimisation
Troy Hunt
DECEMBER 19, 2017
Data Collection Should be Minimised, Not Maximisation. HIBP only needs an email address because that's all I'm looking for when someone appears in a data breach. Report URI needs a password as well because you need to be able to login. We don't even collect a name on either of those services because what good would it do?
Let's personalize your content