[Chapter-delegates] [DNB] LinkedIn investigating reports that 6.46 million hashed passwords have leaked online (fwd)
Veni Markovski
veni at veni.com
Thu Jun 7 11:39:54 PDT 2012
I'm trying to have different passwords for different sites. Rule is, the
password can always be compromised, but at least one should not make things
easier. In google always use 2-factor authentication. If others provide it,
use it. If there's an SMS option, use it. Facebook provides it worldwide,
including for Bulgarian GSM phones.
I have not used lastpass.
V.
On Thursday, June 7, 2012, David Vyorst wrote:
> Veni, what do you think of lastpass?
> On Jun 7, 2012 11:42 AM, "Veni Markovski" <veni at veni.com> wrote:
>
> Thank you, Lucy.
>
> And in case some of you have used the same password somewhere else, make
> sure you change that one, too. If you cannot remember all different
> passwords / logins, try using some software, like 1password (unless it also
> has issues - Marcin, others?). More here:
> http://mashable.com/2012/06/06/linkedin-password-check/
>
> veni
>
> On 06/06/2012 18:58, Lucy Lynch wrote:
>
> All -
>
> For those linkedin users out there (and you know who you are) -
> Please take a minute to login and change your password to something
> long, easy to remember, and secure (see below) -
>
> https://xkcd.com/936/
>
> Thanks -
>
> Lucy Lynch
> Trust and Identity Initiatives
> Internet Society (ISOC )
>
> ---------- Forwarded message ----------
> Date: Wed, 06 Jun 2012 16:51:42 +0100
> From: Ian Cook <ian at cymru.com>
> To: ians_dragon_newsbytes at lists.cymru.com
> Subject: [DNB] LinkedIn investigating reports that 6.46 million hashed
> passwords
> have leaked online
>
> Title: LinkedIn investigating reports that 6.46 million hashed
> passwords have leaked online
> Author: Aaron Souppouris
> Source: The Verge
> Date Published: 6th June 2012
>
> Excerpt:
>
> '....A user in a Russian forum is claiming to have hacked LinkedIn
> to the tune of almost 6.5 million account details. The user uploaded
> 6,458,020 hashed passwords, but no usernames. It's not clear if they
> managed to download the usernames, but it's likely that both have
> been downloaded.There is a possibility that this could be a hoax,
> but several people have said on Twitter that they found their real
> LinkedIn passwords as hashes on the list. Many of the hashes include
> "linkedin," which seems to add credence to the claims.
>
> We spoke with Mikko Hypponen, Chief Research Officer at F-Secure,
> who thinks this is "a real collection." He told us he is "guessing
> it's some sort of exploit on their web interface, but there's no way
> to know. I am sure sure LinkedIn will fill us in sooner or later.".....'
>
> To read the complete article see:
> http://www.theverge.com/2012/6/6/3067523/linkedin-password-leak-online
>
>
> The opinions expressed in the posted news items do not necessarily
> reflect the views of Team Cymru.
>
> The appearance of hyperlinks does not constitute endorsement
> by Team Cymru of an external Web site, or any commercial
> company, information, products or services contained therein.
>
> Dragon News Bytes is a Private and Restricted mailing
> list.
>
> The information transmitted is intended only for the person or
> entity to which it is addressed and any retransmission or
> dissemination is prohibited.
>
> To subscribe to this mailing list, please signup at:
> https://lists.cymru.com/mailman/listinfo/ians_dragon_newsbytes
> and then send an email to: outreach at cymru.com
> providing some personal background.
>
>
> _ //` `\
> _,-"\%
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20120607/464d9bd5/attachment.htm>
More information about the Chapter-delegates
mailing list