"Brian St. Pierre" <br...@bstpierre.org> writes: > > On 06/07/2012 07:33 AM, Lloyd Kvam wrote: > > Today's WSJ reported in the Digits column that encrypted LinkedIN > > passwords had been leaked. Decryption efforts have been successful > > against some subset of these passwords. > > > > I was disappointed to see no acknowledgement on the LinkIn site. (I > > just found it buried in the clutter. Its a link to CBS news??) > > Bottom line: go change your LinkedIn password right now. [...] > It's not really surprising that the hashes were leaked, but it is sort > of (ok, not really) surprising to me that a big site like LinkedIn can > be storing passwords so poorly: they were just hashed with SHA-1 and no > salt.
Have they actually fixed the problem yet? If they haven't, you'll probably have to (want to) change your password *again* when they do.... -- "Don't be afraid to ask (λf.((λx.xx) (λr.f(rr))))." _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
