Several million LinkedInpasswords have been stolen and posted online. The fact that they are “encrypted” does not mean they are safe.
Image via CrunchBase
The encryption – hashing – means that a lone password cracker trying to “brute force” the passwords would probably take a very long time to get through any significant number.
But the point is that they don’t have to do that. Instead they can look up the hashed password in a “rainbow table” of pre-cracked passwords and look it up that way.
Not everybody’s password will be one that has been “pre-cracked” and stuck in a rainbow table, but how confident are you that’s yours isn’t?
So, you have to change the password for LinkedIn and change that password anywhere else you use it – because the password will be associated with your email address and crackers are not likely to stop just because they locked them out of LinkedIn.
It’s a pain but surely not as big a pain as having your identity stolen.
Related articles
- “If it turns out that #LinkedIn passwords have leaked…” (http://goo.gl/N9lhn at Computerworld) (dropsafe.crypticide.com)
- LinkedIn Slips in an Upgrade Overnight (integratedalliances.com)
- The LinkedIn Profile [Infographic] (socialtimes.com)
Pingback: Logarchism » Flame LeakedIn with Stuxnet