It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Russian hackers released a giant list of passwords this week, and on Wednesday security researchers identified their likely source: business social networking site LinkedIn. LinkedIn (LNKD) confirmed in a blog post late Wednesday afternoon that some of the stolen passwords correspond to LinkedIn accounts. The company did not offer any information about how the passwords were stolen or the extent of the damage, but it said it is "continuing to investigate" the matter. The 6.5 million leaked passwords were posted Monday on a Russian online forum, camouflaged with a common cryptographic code called SHA-1 hash. It's a format that's considered weak if added precautions aren't taken. Roughly half of the "hashed" passwords have already been decoded and posted online in human-readable text.
TextThe problem with SHA-1 is that it translates the same text the same way each time. So if your password is "password" and your friend's password is also "password," they will be hashed exactly the same way. That makes reversing the process to uncover the original password significantly easier. That's why security experts recommend that companies with giant lists of private data like LinkedIn add another security layer called "salt."