linked-out?
demonfurbie
Member Posts: 1,819 ■■■■■□□□□□
in Off-Topic
Millions of LinkedIn passwords reportedly leaked online | Security & Privacy - CNET News
i think its time to change some passwords
edit: confirmed
http://news.cnet.com/8301-1009_3-57448465-83/linkedin-confirms-passwords-were-compromised/?ttag=fbw
i think its time to change some passwords
edit: confirmed
http://news.cnet.com/8301-1009_3-57448465-83/linkedin-confirms-passwords-were-compromised/?ttag=fbw
wgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers:
WGU MS IT Management: done ... double woot :cheers:
Comments
-
blargoe Member Posts: 4,174 ■■■■■■■■■□Thanks.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
nicklauscombs Member Posts: 885sometimes i wonder if the money spent for my password vault software is worth it. this is one of those times i'm glad every site i use has a different random password.WIP: IPS exam
-
onesaint Member Posts: 801Came across this leak in my email this morning and was going to post it, but had to change my password first.:)Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
joshmadakor Member Posts: 495 ■■■■□□□□□□Done. +1WGU B.S. Information Technology (Completed January 2013)
-
TLeTourneau Member Posts: 616 ■■■■■■■■□□Done, thanks!Thanks, Tom
M.S. - Cybersecurity and Information Assurance
B.S: IT - Network Design & Management -
the_hutch Banned Posts: 827It was only the hashes that were leaked. Given the complexity of my password, I should have approximately 16 years until someone breaks in. Still, I changed mine in the off chance that the person who acquired them is some uber nerd in a basement with a super-computer and some seriously hardcore rainbow tables. Thank you LinkedIn for not storing passwords in plaintext.
-
mattlee09 Member Posts: 205LastPass is providing a tool to confirm if your information was possibly compromised as well.
https://lastpass.com/linkedin/ -
XiaoTech Member Posts: 113 ■■■□□□□□□□lol @ lastpast link. If you enter "changeme" or other obvious passwords, you've always been in danger of being hacked.
Any case, I changed mine. I just started changing passwords to my e-mail and other social media accounts this weekend. Gave me a good excuse to update it. -
Forsaken_GA Member Posts: 4,024nicklauscombs wrote: »sometimes i wonder if the money spent for my password vault software is worth it. this is one of those times i'm glad every site i use has a different random password.
Why spend money? I use KeePass, as it's available on virtually every single platform. And I put my password file in DropBox, since all my devices have access to it as well. Makes getting access to my passwords incredibly easy.
But yeah, like you, I don't actually know the majority of my passwords. New login? randomnly generate password in Keepass, copy to clipboard, paste, done. -
BigMevy Member Posts: 68 ■■■□□□□□□□Yeah, I saw that on CNN this morning. I logged into my account and it prompted me to do a password change.
-
onesaint Member Posts: 801@Forsaken: Is there just a single database kept on DropBox which all the versions of KeePass can access? Also are you using the key file (and if so, how) or just password protecting the db?Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
NetworkingStudent Member Posts: 1,407 ■■■■■■■■□□Looks like Linked in was hacked. Maybe it's time to change passwords.
LinkedIn Was Breached. Now What Do You Do? - NYTimes.com
opps I guess someone already posted this, sorry. Thanks for posting!When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."
--Alexander Graham Bell,
American inventor -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■This is interesting. The leaked hashes were posted and someone put this together. Change your password and then check your old one: LeakedIn: Is your password safe?
-
Sett Member Posts: 187Last.fm followed:
Last.fm Hacked. Change Your Password Now ! - hypebot
Really annoying. I am not using KeePass, but looks like that's the way to go.Non-native English speaker -
tpatt100 Member Posts: 2,991 ■■■■■■■■■□Don't hack Pandora or you might find out how bad my taste in music is.
-
hiddenknight821 Member Posts: 1,209 ■■■■■■□□□□RobertKaucher wrote: »This is interesting. The leaked hashes were posted and someone put this together. Change your password and then check your old one: LeakedIn: Is your password safe?
Funniest post I ever read today! Lol, no way I'm gonna verify this. -
Forsaken_GA Member Posts: 4,024@Forsaken: Is there just a single database kept on DropBox which all the versions of KeePass can access? Also are you using the key file (and if so, how) or just password protecting the db?
just a single database file protected by a very long passphrase. Every version of KeePass I've used (which is OS X, Linux, Windows, and iOS) opens the database file with no problems. I have faith in the encryption used, so I don't mind putting the file in 'the cloud', and since it resides on my dropbox folder in all instances, changes are automatically updated across all of my devices. Simple, easy, and free password management.
Incidentally, here is the time it would take to crack my databases passphrase:
Online Attack Scenario:
(Assuming one thousand guesses per second) 4.11 hundred thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 4.11 billion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 4.11 million centuries
At least, according to this:
https://www.grc.com/haystack.htm
I also subscribe to the xkcd philosophy of passwords:
http://xkcd.com/936/ -
SteveLord Member Posts: 1,717Never used it or felt a use for LinkedIn, but changed my password anyway.WGU B.S.IT - 9/1/2015 >>> ???
-
onesaint Member Posts: 801And with that comes the end of MD5crypt (broken since 2005!).
Md5crypt Password scrambler is no longer considered safe by author — PHKs BikeshedWork in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
DevilWAH Member Posts: 2,997 ■■■■■■■■□□Forsaken_GA wrote: »Why spend money? I use KeePass, as it's available on virtually every single platform. And I put my password file in DropBox, since all my devices have access to it as well. Makes getting access to my passwords incredibly easy.
But yeah, like you, I don't actually know the majority of my passwords. New login? randomnly generate password in Keepass, copy to clipboard, paste, done.
I foud out recently with keypass that you can have a local copy of the database and one remote (dropbox) and keep them synced. This could be good if you are ever in the postition at work that you loss internet or site links.
I have one data base file online and one on my local PC at work that sync when I cloose keepass. really is a great little program.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
amcnow Member Posts: 215 ■■■■□□□□□□My place of employment sent out communication regarding this. I promptly changed my password. Still, thanks for posting this.WGU - Master of Science, Cybersecurity and Information Assurance
Completed: JIT2, TFT2, VLT2, C701, C702, C706, C700, FXT2
In Progress: C688
Remaining: LQT2Aristotle wrote:For the things we have to learn before we can do them, we learn by doing them. -
Forsaken_GA Member Posts: 4,024I foud out recently with keypass that you can have a local copy of the database and one remote (dropbox) and keep them synced. This could be good if you are ever in the postition at work that you loss internet or site links.
I have one data base file online and one on my local PC at work that sync when I cloose keepass. really is a great little program.
I don't really see the need for that... if you actually install the DropBox local client, the folder is local, it just syncs with DropBox's servers, you don't need to be online to access the contents in the DropBox folder, you just need to be online to send and receive updates.