[LINK] Millions of LinkedIn passwords leaked online
Martin Barry
marty at supine.com
Thu Jun 7 17:00:18 AEST 2012
$quoted_author = "Glen Turner" ;
>
> On 07/06/12 08:36, Dr Bob Jansen wrote:
> > Reports on the BBC indicated that the file was encrypted and placed on a
> > hacker site and asking for assistance in decrypting it.
>
> Yep. SHA-1. But not salted so a rainbow table of passwords from past
> hacks can be used :-(
http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/
...and having been exposed as not following best practice, they are now
salting passwords. The boilerplate "We take the security of our members very
seriously" rings a bit hollow at this point.
Still no information on what allowed the leak or that it's been fixed.
cheers
Marty
More information about the Link
mailing list