[Password Leak] LinkedIn database hacked

(1/19) > >>

i_rape_bitcoins:
This morning, a dump of unique passwords from LinkedIn databases had been posted. From the dump, it is revealed that password hashes did not include a salt. This allows the attacker to generate a rainbow table that is valid with all the hashes. So expect your password compromised. (feel the same as if your password were leaked plain-text)

If you have a LinkedIn account and use the same password for other services (such as mtgox), please change your password. If you are unsure, visit LeakedIn to check.

More news here: https://news.ycombinator.com/item?id=4073309

gweedo:
And remember to always salt your passwords  ;)

kjlimo:
Quote from: gweedo on June 06, 2012, 07:15:32 PM

And remember to always salt your passwords  ;)


Who salts a password?  Is that something I have to do when creating a password, or is that directed at the password manager to make sure to salt the passwords?

mcorlett:
Quote from: kjlimo on June 06, 2012, 07:29:22 PM

Is that something I have to do when creating a password, or is that directed at the password manager to make sure to salt the passwords?

The latter.

ErebusBat:
Quote from: kjlimo on June 06, 2012, 07:29:22 PM

Who salts a password?  Is that something I have to do when creating a password, or is that directed at the password manager to make sure to salt the passwords?


kjlimo,

It is, unfortunately, up to the website operator to do.  The safest thing you can do as a consumer is user a random password at each site.

Navigation

[0] Message Index

[#] Next page