Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Community > MacNN Lounge > Millions of Linkedin passwords leaked

Millions of Linkedin passwords leaked
Thread Tools
Thorzdad
Moderator
Join Date: Aug 2001
Location: Nobletucky
Status: Offline
Reply With Quote
Jun 6, 2012, 02:07 PM
 
Bad news day for Linkedin.
     
andi*pandi
Moderator
Join Date: Jun 2000
Location: inside 128, north of 90
Status: Offline
Reply With Quote
Jun 6, 2012, 02:11 PM
 
I changed my password. First I had to remember my password.
     
Thorzdad  (op)
Moderator
Join Date: Aug 2001
Location: Nobletucky
Status: Offline
Reply With Quote
Jun 6, 2012, 02:17 PM
 
Heh. Me, too. Next to Facebook, probably the most worthless site I ever joined.
     
Phileas
Mac Elite
Join Date: Jul 2002
Location: Toronto, Canada
Status: Offline
Reply With Quote
Jun 6, 2012, 03:13 PM
 
1password.com Does all the work for you.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Jun 6, 2012, 03:19 PM
 
Originally Posted by Thorzdad View Post
Heh. Me, too. Next to Facebook, probably the most worthless site I ever joined.
Nah, LinkedIn is much more useful for professionals. I get recruiter contact me about job opportunities just from stumbling across my profile.

FB on the other hand...

-t
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jun 6, 2012, 03:29 PM
 
Thanks, changed my pw too.

Networking on LinkedIn actually proves useful in finding people I want to contact.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 6, 2012, 03:35 PM
 
But can LinkedIn get you laid?
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Jun 6, 2012, 03:51 PM
 
Yes, professionally

-t
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 6, 2012, 03:54 PM
 
This lacks the essential "married person I went to high-school with" element.
     
PB2K
Mac Elite
Join Date: Dec 2000
Location: Netherlands
Status: Offline
Reply With Quote
Jun 8, 2012, 05:35 AM
 
People who put their whole life on the social media shouldn't complain and regard this publication of passwords as a service
{Animated sigs are not allowed.}
     
mattyb
Addicted to MacNN
Join Date: Feb 2008
Location: Standing on the shoulders of giants
Status: Offline
Reply With Quote
Jun 8, 2012, 07:44 AM
 
LinkedIn got me the job that I'm starting in August.

I've changed my password to qwerty123
     
Stogieman
Addicted to MacNN
Join Date: May 2000
Location: Santa Rosa, CA
Status: Offline
Reply With Quote
Jun 8, 2012, 12:22 PM
 
My password is 12345. The same combo I have on my luggage.

Slick shoes?! Are you crazy?!
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Jun 8, 2012, 12:31 PM
 
How do millions of passwords get hacked from a major website? They were storing them in the clear? WTF.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Phileas
Mac Elite
Join Date: Jul 2002
Location: Toronto, Canada
Status: Offline
Reply With Quote
Jun 8, 2012, 12:31 PM
 
You really should have more secure passwords.

asdfghjkl is a good option, because it doesn't spell a word. If you want to be really secure you can add 123 to the end.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 8, 2012, 12:34 PM
 
Originally Posted by Big Mac View Post
How do millions of passwords get hacked from a major website? They were storing them in the clear? WTF.
They were hashed, but no salt, so you can use rainbow tables to unencrypt them.
     
andi*pandi
Moderator
Join Date: Jun 2000
Location: inside 128, north of 90
Status: Offline
Reply With Quote
Jun 8, 2012, 12:38 PM
 
     
Phileas
Mac Elite
Join Date: Jul 2002
Location: Toronto, Canada
Status: Offline
Reply With Quote
Jun 8, 2012, 01:43 PM
 
Originally Posted by andi*pandi View Post
All my passwords are just that, four random words. For years, my go to low security password was daygrandmotherexploded, (not used anywhere anymore, bitches) in reference to the opening line from an Ian Banks novel.
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jun 8, 2012, 01:47 PM
 
Originally Posted by subego View Post
They were hashed, but no salt, so you can use rainbow tables to unencrypt them.
Pedantic: hashes are not reversible; you can only match a hash to a rainbow table, not "unencrypt."
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Jun 8, 2012, 01:50 PM
 
Originally Posted by Phileas View Post
All my passwords are just that, four random words.
I'm using a made-up password scheme that is based on the domain name and the TLD. Adding a special character and some numbers, et voila, I have a unique password for each website, and still being able to remember all my password.

-t
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 8, 2012, 01:59 PM
 
Originally Posted by mduell View Post
Pedantic: hashes are not reversible; you can only match a hash to a rainbow table, not "unencrypt."
You are 100% correct. My bad

By way of explanation for those who need it, the hash of your password isn't necessarily unique. More than one password can resolve to the same hash. In other words, there's probably more than one password which can log you in to any given account. This isn't a security issue though because passwords which resolve to the same hash are going to be wildly different.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 8, 2012, 02:07 PM
 
Originally Posted by andi*pandi View Post
I'd still add just one special character.

That would mean anyone who was trying to brute force it would most likely have to get through every combination of letters and numbers before trying every combination of letters and numbers plus one special character.


P.S. I've been guilty of not doing this myself, but Randall likes you to put up a link to the original with the comic.
( Last edited by subego; Jun 8, 2012 at 02:19 PM. )
     
PB2K
Mac Elite
Join Date: Dec 2000
Location: Netherlands
Status: Offline
Reply With Quote
Jun 9, 2012, 07:15 PM
 
I have a special keyboard that i connect when typing passwords. all keys have been rearranged, some keys don't even work. Oh yeah and it is wired by ps/2 and a MacAlly port.
{Animated sigs are not allowed.}
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 05:21 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,