Options
linked-out?
demonfurbie
Member Posts: 1,819
in Off-Topic
Millions of LinkedIn passwords reportedly leaked online | Security & Privacy - CNET News
i think its time to change some passwords
edit: confirmed
http://news.cnet.com/8301-1009_3-57448465-83/linkedin-confirms-passwords-were-compromised/?ttag=fbw
i think its time to change some passwords
edit: confirmed
http://news.cnet.com/8301-1009_3-57448465-83/linkedin-confirms-passwords-were-compromised/?ttag=fbw
wgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers:
WGU MS IT Management: done ... double woot :cheers:
Comments
-
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
Thanks.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Options
nicklauscombs
Member Posts: 885
sometimes i wonder if the money spent for my password vault software is worth it. this is one of those times i'm glad every site i use has a different random password.WIP: IPS exam -
Options
onesaint
Member Posts: 801
Came across this leak in my email this morning and was going to post it, but had to change my password first.:)Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
Options
joshmadakor
Member Posts: 495 ■■■■□□□□□□
Done. +1WGU B.S. Information Technology (Completed January 2013) -
Options
TLeTourneau
Member Posts: 616 ■■■■■■■■□□
Done, thanks!Thanks, Tom
M.S. - Cybersecurity and Information Assurance
B.S: IT - Network Design & Management -
Options
the_hutch
Banned Posts: 827
It was only the hashes that were leaked. Given the complexity of my password, I should have approximately 16 years until someone breaks in. Still, I changed mine in the off chance that the person who acquired them is some uber nerd in a basement with a super-computer and some seriously hardcore rainbow tables. Thank you LinkedIn for not storing passwords in plaintext. -
Options
mattlee09
Member Posts: 205
LastPass is providing a tool to confirm if your information was possibly compromised as well.
https://lastpass.com/linkedin/ -
Options
XiaoTech
Member Posts: 113 ■■■□□□□□□□
lol @ lastpast link. If you enter "changeme" or other obvious passwords, you've always been in danger of being hacked.
Any case, I changed mine. I just started changing passwords to my e-mail and other social media accounts this weekend. Gave me a good excuse to update it. -
Options
Forsaken_GA
Member Posts: 4,024
nicklauscombs wrote: »sometimes i wonder if the money spent for my password vault software is worth it. this is one of those times i'm glad every site i use has a different random password.
Why spend money? I use KeePass, as it's available on virtually every single platform. And I put my password file in DropBox, since all my devices have access to it as well. Makes getting access to my passwords incredibly easy.
But yeah, like you, I don't actually know the majority of my passwords. New login? randomnly generate password in Keepass, copy to clipboard, paste, done. -
OptionsBigMevy
Member Posts: 68 ■■■□□□□□□□
Yeah, I saw that on CNN this morning. I logged into my account and it prompted me to do a password change.
-
Optionsonesaint
Member Posts: 801
@Forsaken: Is there just a single database kept on DropBox which all the versions of KeePass can access? Also are you using the key file (and if so, how) or just password protecting the db?Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
Options
NetworkingStudent
Member Posts: 1,407 ■■■■■■■■□□
Looks like Linked in was hacked. Maybe it's time to change passwords.
LinkedIn Was Breached. Now What Do You Do? - NYTimes.com
opps I guess someone already posted this, sorry. Thanks for posting!When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."
--Alexander Graham Bell,
American inventor -
Options
RobertKaucher
Member Posts: 4,299 ■■■■■■■■■■
This is interesting. The leaked hashes were posted and someone put this together. Change your password and then check your old one: LeakedIn: Is your password safe? -
Options
Sett
Member Posts: 187
Last.fm followed:
Last.fm Hacked. Change Your Password Now ! - hypebot
Really annoying. I am not using KeePass, but looks like that's the way to go.Non-native English speaker -
Options
tpatt100
Member Posts: 2,991 ■■■■■■■■■□
Don't hack Pandora or you might find out how bad my taste in music is. -
Options
hiddenknight821
Member Posts: 1,209 ■■■■■■□□□□
RobertKaucher wrote: »This is interesting. The leaked hashes were posted and someone put this together. Change your password and then check your old one: LeakedIn: Is your password safe?
Funniest post I ever read today! Lol, no way I'm gonna verify this.
-
OptionsForsaken_GA
Member Posts: 4,024
@Forsaken: Is there just a single database kept on DropBox which all the versions of KeePass can access? Also are you using the key file (and if so, how) or just password protecting the db?
just a single database file protected by a very long passphrase. Every version of KeePass I've used (which is OS X, Linux, Windows, and iOS) opens the database file with no problems. I have faith in the encryption used, so I don't mind putting the file in 'the cloud', and since it resides on my dropbox folder in all instances, changes are automatically updated across all of my devices. Simple, easy, and free password management.
Incidentally, here is the time it would take to crack my databases passphrase:
Online Attack Scenario:
(Assuming one thousand guesses per second) 4.11 hundred thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 4.11 billion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 4.11 million centuries
At least, according to this:
https://www.grc.com/haystack.htm
I also subscribe to the xkcd philosophy of passwords:
http://xkcd.com/936/ -
Options
SteveLord
Member Posts: 1,717
Never used it or felt a use for LinkedIn, but changed my password anyway.WGU B.S.IT - 9/1/2015 >>> ??? -
Optionsonesaint
Member Posts: 801
And with that comes the end of MD5crypt (broken since 2005!).
Md5crypt Password scrambler is no longer considered safe by author — PHKs BikeshedWork in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
Next up: eventually the RHCE and to start blogging again.
Control Protocol; my blog of exam notes and IT randomness -
Options
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
Forsaken_GA wrote: »Why spend money? I use KeePass, as it's available on virtually every single platform. And I put my password file in DropBox, since all my devices have access to it as well. Makes getting access to my passwords incredibly easy.
But yeah, like you, I don't actually know the majority of my passwords. New login? randomnly generate password in Keepass, copy to clipboard, paste, done.
I foud out recently with keypass that you can have a local copy of the database and one remote (dropbox) and keep them synced. This could be good if you are ever in the postition at work that you loss internet or site links.
I have one data base file online and one on my local PC at work that sync when I cloose keepass. really is a great little program.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
Options
amcnow
Member Posts: 215 ■■■■□□□□□□
My place of employment sent out communication regarding this. I promptly changed my password. Still, thanks for posting this.WGU - Master of Science, Cybersecurity and Information Assurance
Completed: JIT2, TFT2, VLT2, C701, C702, C706, C700, FXT2
In Progress: C688
Remaining: LQT2Aristotle wrote:For the things we have to learn before we can do them, we learn by doing them. -
OptionsForsaken_GA
Member Posts: 4,024
I foud out recently with keypass that you can have a local copy of the database and one remote (dropbox) and keep them synced. This could be good if you are ever in the postition at work that you loss internet or site links.
I have one data base file online and one on my local PC at work that sync when I cloose keepass. really is a great little program.
I don't really see the need for that... if you actually install the DropBox local client, the folder is local, it just syncs with DropBox's servers, you don't need to be online to access the contents in the DropBox folder, you just need to be online to send and receive updates.
