Stephen Downes

Knowledge, Learning, Community

LinkedIn's user database was compromised a few days ago and stored user passwords accessed by hackers. The company is forcing everyone to change their password. This post takes the opportunity to talk about password security. LinkedIn saved passwords as unsalted hashes - that means they were encrypted, but not by the strongest method possible. Either way, a determine hacker could decrypt them given time and computer power. A lot of people are drawing security lessons from this, but my thinking is that it shows the unwisdom of storing millions of passwords in a single place. Not that a centralized site-based network like LinkedIn would have had any other option, though. Oh, and all of this? Doesn't help.

Today: 1058 Total: 1064 [Direct link] [Share]

Image from the website


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Mar 29, 2024 08:53 a.m.

Canadian Flag Creative Commons License.

Force:yes