LinkedIn's user database was compromised a few days ago and stored user passwords accessed by hackers. The company is forcing everyone to change their password. This post takes the opportunity to talk about password security. LinkedIn saved passwords as unsalted hashes - that means they were encrypted, but not by the strongest method possible. Either way, a determine hacker could decrypt them given time and computer power. A lot of people are drawing security lessons from this, but my thinking is that it shows the unwisdom of storing millions of passwords in a single place. Not that a centralized site-based network like LinkedIn would have had any other option, though. Oh, and all of this? Doesn't help.
Today: 0 Total: 1401 [Direct link] [Share]
