Home – New Forums Other discussions LinkedIn passwords stolen Reply To: LinkedIn passwords stolen

  • Total posts: 181

What the hackers released was the MD5 password hashes. Basically, you have a password like ‘gollum’, when that gets hashed it turns into something like ‘jhsdf97y&*gihsdfjj&ughsdf’, which is what should be stored in the database.

The site I linked to hashes your entered password and sees if it matches any of the leaked password hashes. Essentially, if you have a reasonably secure password, it will accurately say whether the hashed version is in the leaked data (my password is 12 random characters long, and was not found). If you have an insecure password, like a dictionary word, you’re right, it will probably exist is the hashes anyway. But that means it’s a bad password, so changing it is a good idea regardless.

You’re right that Linkedin blocked accounts and emailed people. My understanding is they contacted the people that were in the leaked data. But, like I said, it’s a bit of a jump to assume all the compromised accounts were in the leaked data… Better safe than sorry.