I created an app, that stores your password with bcrypt, and the input type of the form is password. I don't understand why I am receiving this alert? Why am I getting "A data breach on a site or app exposed your password. Chrome recommends changing your password on "SITENAME" now."
axios.post(`/signup`, {
userBody: values.username,
passwordBody: values.password
}).then(response => console.log(response))
.then(response => history.push('/login'))
.catch(error => {
setErrors({
error: error.response.status
})
})
} else {
alert('cant be empty fields')
}
}
server.js
app.post('/signup', async (req, res) => {
const today = new Date();
const userData = {
username: req.body.userBody,
password: req.body.passwordBody,
created: today
};
User.findOne({
where: {
username: req.body.userBody
}
})
.then(user => {
if (!user) {
bcrypt.hash(req.body.passwordBody, 10, (err, hash) => {
userData.password = hash
User.create(userData)
.then(user => {
res.json({ status: user.username + " registered" })
})
.catch(err => {
res.send('error' + err)
})
})
}
else {
res.status(500).json({ message: 'message' })
console.log('User exists')
}
})
.catch(err => {
res.send('error' + err)
})
})
If you see a message saying “you haven't saved any passwords in your Google Account yet,” the save password feature is NOT enabled, and the data breach message you received is likely a scam that should be ignored.
The page will tell you if the saved passwords in your Google Account were compromised in a breach. Originally, the technology was a part of Chrome's Password Checkup technology, but now you can use it by entering your Google account's settings.
To help you secure your accounts, Google can help notify you if we find any of your saved passwords have been compromised. If you're notified about an unsafe password: Go directly to Password Checkup to make sure the notification is authentic and change any unsafe passwords.
In Chrome, tap the three vertical buttons on the far right of the address bar and select Settings. Go to Passwords > Check passwords. Chrome will scan all your saved passwords and show you a list of those that have been compromised.
The code appears okay. If you are using Google Chrome it has a feature that warns if the password you are using has been previously compromised. So, if you are testing with a common password this may occur. If this is production than you should update your password as the warning indicates.
Link to Consumer Affairs Article: New version of Chrome warns users if their password was exposed in a data breach
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With