K-anonymity was introduced to solve the problem: "Given person-specific field-structured data, produce a release of the data with scientific guarantees that the individuals who are the subjects of the data cannot be re-identified while the data remain practically useful”.
This concept became popular when it started to being used to verify if passwords were being part of breach databases without disclosing the actual password (either in cleartext or in hashed form). To check passwords against leak databases, a very simple implementation is required, described in a few steps here: 1. First, create a hash of the investigated password with the same algorithm used in the breached passwords database, this is usually SHA1 or similar. 2. Take the first few characters of this hash, and request all matching hashes that belong to breached or compromised passwords. Due to the nature of hashing algorithms, this will usually reduce the number of matches from billions of records down to a few dozens or hundreds. 3. After the list of matches is retrieved, compare them in full against the local hash to identify if there is a match, concluding that the password was already breached before.
With our Shadow IT Readiness Assessment, you can easily evaluate where your organization stands at the moment against Shadow IT risks. It's quick and anonymous, with instant results.