[Command & Control (formerly Futurae Admin)] I received a warning that my password has previously appeared in a breach. What is this and what should I do?

Your password is stored on the Command & Control (admin.futurae.com) server using a state-of-the-art one-way encryption (hashing, with salt) mechanism so that it is not easily retrievable (of course, this also depends on the  actual strength of your password).

When you login, your password is sent securely to the server (over TLS) which hashes it  and compares it which the stored hash for verification.

At this point, and using the "';--have i been pwned?" service we can check in a privacy-preserving way, and without revealing your password to the particular service (https://haveibeenpwned.com/privacy, Section "When you search Pwned Passwords") whether your password has appeared in a publicly leaked data breach. If yes, then we issue a warning to you.

We strongly recommend that you never use that password again, on any site, and that you change your password on Command & Control as well as any other sites on which you use that password.