In June 2007, the National Institute of Standards and Technology (NIST) released guidance that said that sites should check potential passwords against previous data breaches, in order to ensure they ...