Yea, you are correct. The database size should be based on the hashing algorithm.

It’s usually shoddy (or intended?) coding that only allows a 16 byte length for the password. One character equals one byte of memory so my guess is they only allocated 16 bytes of space for the password. The irony is NIST 2025 recommendations argue for AT LEAST 15 characters for passwords.

Cape looks dope. Anyone have experience with their service?

The article claims that 1 trillion dollars was lost to scams in 2024 “based on research from GASA.org”. I cannot for the life of me figure out where this number comes from. Going to that website they say it’s based on ~58,000 surveys. I think they took the survey results, took the average amount of money the surveys claimed people lost and multiplied it by the total population of Earth or some nonsense shit. Their reports are blocked behind registration, which I’m not willing to do to find out their report is bullshit. Misinformation at its finest right here.

While this is good news, the fight for privacy in the digital age will never end. They will continue to take small bites until they have the entire pie. Unfortunately we never (or rarely) regain any digital right to privacy that has been taken in the past. The best we can do is halt the further erosion of our digital privacy through vigilance, education and protest.