Home – New Forums Other discussions LinkedIn passwords stolen

  • This topic is empty.
Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #978455
    Cats
    Member
    • Total posts: 85
    Up
    0
    ::

    LinkedIn – is it reported as many as 6.5 million passwords were stolen and posted on the internet.

    You may want to look into it if you have a LinkedIn account.

    #1107280
    MyGreatIdea
    Member
    • Total posts: 2,278
    Up
    0
    ::

    I’ve seen this flying around fb the past day too.

    I did change my password, but then started to wonder, what is there on LinkedIn that we don’t want everyone to see or know anyway? Everything’s already public lol

    Wendy :)

    #1107281
    Cats
    Member
    • Total posts: 85
    Up
    0
    ::
    Couple It, post: 118927 wrote:
    I’ve seen this flying around fb the past day too.

    I did change my password, but then started to wonder, what is there on LinkedIn that we don’t want everyone to see or know anyway? Everything’s already public lol

    Wendy :)

    True, however, it is just unsettling I guess ;)

    #1107282
    adrian
    Participant
    • Total posts: 181
    Up
    0
    ::

    A linked password is of pretty limited use. You could spam people’s contacts, but hey, that’s only slightly different to normal linked in…

    A real problem could come depending on what other data they have – email? name? – and if you use the same password/email at multiple locations. This is why it’s waaay better to use a service like lastpass, or 1password, and generate a unique, complex password for each site. I don’t have any idea what most of my passwords are, they are different for each site, and I get automatically signed in.

    If you’re curious, you can check if your linked in password was one of the compromised ones here, or here. But keep in mind they may not have leaked all the account details they compromised, so you should change your linkedin password anyway.

    #1107283
    AgentMail
    Member
    • Total posts: 1,741
    Up
    0
    ::

    Adrian,

    I don’t understand how the link provided works? It just asks you to type in your password? Out of 6.5 million leaked passwords there are bound to be duplicates, so I don’t think that really gives a lot of info. I just logged into LinkedIn and it looks as though they are forcing password changes anyway

    #1107284
    adrian
    Participant
    • Total posts: 181
    Up
    0
    ::

    What the hackers released was the MD5 password hashes. Basically, you have a password like ‘gollum’, when that gets hashed it turns into something like ‘jhsdf97y&*gihsdfjj&ughsdf’, which is what should be stored in the database.

    The site I linked to hashes your entered password and sees if it matches any of the leaked password hashes. Essentially, if you have a reasonably secure password, it will accurately say whether the hashed version is in the leaked data (my password is 12 random characters long, and was not found). If you have an insecure password, like a dictionary word, you’re right, it will probably exist is the hashes anyway. But that means it’s a bad password, so changing it is a good idea regardless.

    You’re right that Linkedin blocked accounts and emailed people. My understanding is they contacted the people that were in the leaked data. But, like I said, it’s a bit of a jump to assume all the compromised accounts were in the leaked data… Better safe than sorry.

    #1107285
    AgentMail
    Member
    • Total posts: 1,741
    Up
    0
    ::

    Thanks for explaining Aidan, that makes sense.

    With all of my passwords, I use words that have a meaning to me, then replace certain letters with numbers and symbols. That way I can still remember it but it is difficult to be hacked/copied.

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.