It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

More than 6 million LinkedIn passwords stolen

page: 1
3

log in

join
share:

posted on Jun, 6 2012 @ 03:26 PM
link   
Just a heads up that you may want to change your LinkedIn password.


Russian hackers released a giant list of passwords this week, and on Wednesday security researchers identified their likely source: business social networking site LinkedIn. LinkedIn (LNKD) confirmed in a blog post late Wednesday afternoon that some of the stolen passwords correspond to LinkedIn accounts. The company did not offer any information about how the passwords were stolen or the extent of the damage, but it said it is "continuing to investigate" the matter. The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It's a format that's considered weak if added precautions aren't taken. Roughly half of the "hashed" passwords have already been decoded and posted online in human-readable text.


Annnnnnd if you read what I consider a rather boring article you will find that LinkedIn was a lazy Lucy. Not doing a good job encrypting those passwords. Something about Salt. I don't know or care. Just trying to save your butt if you use the service.


TextThe problem with SHA-1 is that it translates the same text the same way each time. So if your password is "password" and your friend's password is also "password," they will be hashed exactly the same way. That makes reversing the process to uncover the original password significantly easier. That's why security experts recommend that companies with giant lists of private data like LinkedIn add another security layer called "salt."


Link




posted on Jun, 6 2012 @ 03:41 PM
link   
unsalted passwords........oh lord thats bad password management but then again i bet half of them had passwords of 6 chars or less and could of been brute forced in a few days



posted on Jun, 6 2012 @ 03:46 PM
link   
I don't use linked in, but on any site where my real identity might be discovered I use at least a 12 digit password.



posted on Jun, 6 2012 @ 04:02 PM
link   
reply to post by DarthMuerte
 


in this case if you have the same password as someone else the moment they crack theirs then they'll get everyone with the same password



posted on Jun, 6 2012 @ 04:05 PM
link   
Great... :/
I don't even remember my password.



posted on Jun, 6 2012 @ 07:52 PM
link   
reply to post by AFewGoodWomen
 


Same. My computer fried not too long ago and all I have now is an old Gmail with a new password. It's a bitch of a password too. I usually get it wrong on the first try.



posted on Jun, 6 2012 @ 08:01 PM
link   
PaSSwordS are so windows 95. I came up with a Graphical Access Scheme, its so cool. they shot it down.
anyone want to be Bill Gates and you have some $$ let me know. I call it ROTO "Relational Operating Terminal Object" - never release anything to anyone - you allow them to view. Roll your current state forward or recall by rolling backward. drag and drop access - even drag and drop job resumes - drag and drop payments.... connect with like minded people automatically, see options before making decisions ... its really cool technology. I call it E=MC2 Cloudware --- IBM said it was pretty interesting and for me to continue working on it... I asked for money to continue working on it and they forgot to send the check. so, anyone want to be build the future ? just let me know.
edit on 6-6-2012 by 1BornPatriot because: (no reason given)



posted on Jun, 21 2012 @ 05:01 AM
link   
I was just over at RT.com reading about this. And I am suspicious as to the identities of all of these hackers because I think it is obvious that the hackers are hired by the governments/military to cause such panic. It's been happening too often lately. I think the cyber-war is mostly started by these governments to secure greater control over the internet and make users feel unsafe and exposed, in short it's just another psy-op funded by black budgets.

I feel that a lot of the computer virus scares are also bought to us by the same sort of people which could be why so few arrests are made in connection with these cyber crimes. I also think that is to make a point to someone specific to tow the official line of something unrelated to the hacking, a warning if you like. A cyber horses head in your bed sort of thing.



new topics

top topics



 
3

log in

join