[ACFUG Discuss] LinkedIn hacked...

[Frank Moorman]

All,

I know that this is not really a forum for linkedin, but I know many people with
ACFUG use it. It has been hacked and its password table has been compromised.
Story here:
http://arstechnica.com/security/2012/06/10-or-so-of-the-worst-passwords-exposed-by-the-linkedin-hack/

Now is the time to change your password on LinkedIn as well as any site you use
with the same credentials.

Rumor has it that Linkedin was using a simple hash (without any salt) and that
the passwords have been cracked with the rainbow tables. Another site cropped up
called www.Leakedin.org with a list of cracked passwords.



-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] LinkedIn hacked...

[Brooks . Wilson]

Question: how many login attempts does CF Administrator allow before it 
locks you out?

Sincerely, Brooks

ADS develops & supports effective, efficient and secure software solutions
--
Federal Reserve Bank of Atlanta ∙ Application Delivery Services
1000 Peachtree Street NE ∙ Atlanta,Georgia ∙ 30309-4470  404-498-8178



N▀╖╡ФЛr╦⌡yЗХ ьb╡X╛╤f╖j╡╒ЙИ╝┤Б∙Хm╤÷ЪцqШ═╒╦

Re: [ACFUG Discuss] LinkedIn hacked...

[Howard Fore]

I don't see a setting in the Administrator for this nor remember this as a
feature.

--
Howard Fore, howard.f...@hofo.com
“What people say, what people do, and what they say they do are entirely
different things.” - Margaret Mead



On Wed, Jun 20, 2012 at 8:43 AM,  wrote:

> Question: how many login attempts does CF Administrator allow before it
> locks you out?
>
> Sincerely, Brooks
>
> *ADS* develops & supports effective, efficient and secure software
> solutions
> *
> --
> *
> *Federal Reserve Bank of Atlanta *∙* *Application Delivery Services
> 1000 Peachtree Street NE ∙ Atlanta,Georgia ∙ 30309-4470  404-498-8178
>
>
>

Re: [ACFUG Discuss] LinkedIn hacked...

[John Mason]

I don't think there is a limit hence one of the reasons it should never 
be left publicly exposed.


John
ma...@fusionlink.com


On 6/20/12 8:43 AM, brooks.wil...@atl.frb.org wrote:
Question: how many login attempts does CF Administrator allow before 
it locks you out?


Sincerely, Brooks

*ADS* develops & supports effective, efficient and secure software 
solutions
*--* 


*Federal Reserve Bank of Atlanta *∙**Application Delivery Services
1000 Peachtree Street NE ∙ Atlanta,Georgia ∙ 30309-4470  404-498-8178


n╤КN▀╖╡ФЛr╦⌡yЗХ ьb╡X╛╤f╖j╡╒ЙИ╝┤Б∙ФКj


-
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform


For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-

Re: [ACFUG Discuss] LinkedIn hacked...

[Cameron Childress]

I don't think it has any logic to block/lock access after N attempts. CF10
may have changed that, but I don't recall hearing anything.

But your CFAdmin should never be available on the public internet. If you
really want to lock it after N attempts, put it behind an additional layer
of authentication.

-Cameron

On Wed, Jun 20, 2012 at 8:43 AM,  wrote:

> Question: how many login attempts does CF Administrator allow before it
> locks you out?
>
> Sincerely, Brooks
>
> *ADS* develops & supports effective, efficient and secure software
> solutions
> *
> --
> *
> *Federal Reserve Bank of Atlanta *** *Application Delivery Services
> 1000 Peachtree Street NE * Atlanta,Georgia * 30309-4470  404-498-8178
>
>
>


-- 
Cameron Childress
--
p:   678.637.5072
im: cameroncf
facebook  |
twitter |
google+