Worried that your LinkedIn password may be a part of the nearly 6.5 million compromised on Wednesday? Password management firm LastPass has released a secure tool to see if your password was among the stolen.
News first surfaced about the security breach after a Russian hacker said he stole 6,458,020 encrypted LinkedIn passwords and posted them online (without usernames) to prove his feat. The breach comes on the heels of news that LinkedIn’s iOS app potentially violates user privacy by sending detailed calendar entries to its servers.
LinkedIn confirmed that some passwords had become compromised and said it would contact affected users with details on how to change their password
Although usernames associated with the passwords were not released, the passwords themselves will surely be used to help reverse-engineer other cryptography systems. We also expect to see these passwords added to dictionary lists of programs that attempt to break into various accounts.
In other words — if you’re a LinkedIn user, no matter how strong your password seemed — it’s a good idea to go ahead and change it.
How This Works
If you’re a cynical web user when it comes to privacy and security — of course you are, right? — then you’re probably asking yourself whether or not a site where you type in your password to see if it’s been compromised could possibly be legit. But the folks at LastPassensure that the tool is safe and does not store passwords.
Here’s how it works: After typing your LinkedIn password into LastPass’s tool, the service computes its SHA-1 hash and sends the result to LastPass.com. It then searches the list of 6.5 million leaked password hashes.
“All that’s communicated to LastPass is the hash ‚Äî the result of the one-way function performed on the password that a user enters in that box,” a LastPass spokesperson said. “So let’s say you enter ‘password1.’ You enter it and the tool performs the hashing algorithm. The hash is then sent to LastPass, and if a match is found in the database (of the 6.46 million leaked hashes) on our end, we report back a message saying that your password was compromised.”
The spokesperson also noted that the hashes are not stored on its servers: “We don’t store the hash on our end. We only perform the check and then delete it.”
Change Your Password
If your password is among the millions stolen, you should not only change it as soon as possible but also update other accounts you have that use the same password.
If you aren’t already using a password management tool — it’s time to start considering one. Tools such as LastPass and 1Password are invaluable in helping users create and manage unique, secure passwords.
Has your password been compromised? Let us know in the comments.
News first surfaced about the security breach after a Russian hacker said he stole 6,458,020 encrypted LinkedIn passwords and posted them online (without usernames) to prove his feat. The breach comes on the heels of news that LinkedIn’s iOS app potentially violates user privacy by sending detailed calendar entries to its servers.
LinkedIn confirmed that some passwords had become compromised and said it would contact affected users with details on how to change their password
Although usernames associated with the passwords were not released, the passwords themselves will surely be used to help reverse-engineer other cryptography systems. We also expect to see these passwords added to dictionary lists of programs that attempt to break into various accounts.
In other words — if you’re a LinkedIn user, no matter how strong your password seemed — it’s a good idea to go ahead and change it.
How This Works
If you’re a cynical web user when it comes to privacy and security — of course you are, right? — then you’re probably asking yourself whether or not a site where you type in your password to see if it’s been compromised could possibly be legit. But the folks at LastPassensure that the tool is safe and does not store passwords.
Here’s how it works: After typing your LinkedIn password into LastPass’s tool, the service computes its SHA-1 hash and sends the result to LastPass.com. It then searches the list of 6.5 million leaked password hashes.
“All that’s communicated to LastPass is the hash ‚Äî the result of the one-way function performed on the password that a user enters in that box,” a LastPass spokesperson said. “So let’s say you enter ‘password1.’ You enter it and the tool performs the hashing algorithm. The hash is then sent to LastPass, and if a match is found in the database (of the 6.46 million leaked hashes) on our end, we report back a message saying that your password was compromised.”
The spokesperson also noted that the hashes are not stored on its servers: “We don’t store the hash on our end. We only perform the check and then delete it.”
Change Your Password
If your password is among the millions stolen, you should not only change it as soon as possible but also update other accounts you have that use the same password.
If you aren’t already using a password management tool — it’s time to start considering one. Tools such as LastPass and 1Password are invaluable in helping users create and manage unique, secure passwords.
Has your password been compromised? Let us know in the comments.
What's up mates, its great paragraph on the topic of educationand completely defined, keep it up all the time.
ReplyDeletemy web-site; 1997 ford explorer v8 towing capacity
of course like your website but you have to check
ReplyDeletethe spelling on several of your posts. A number of them are rife
with spelling issues and I in finding it very troublesome to inform the
reality then again I will surely come again again.
My homepage - minecraft games
If some one wants expert view regarding running a
ReplyDeleteblog after that i recommend him/her to pay a quick visit this website,
Keep up the fastidious job.
Feel free to visit my site :: minecraft games
This post presents clear idea for the new people of blogging, that genuinely how to do blogging.
ReplyDeleteFeel free to surf to my weblog: quest bars
Hi, I do believe this is an excellent website. I stumbledupon it ;) I may come back yet again since i have bookmarked it.
ReplyDeleteMoney and freedom is the greatest way to change, may you be
rich and continue to help other people.
My web-site quest bars
I'm truly enjoying the design and layout of your website.
ReplyDeleteIt's a very easy on the eyes which makes it much more enjoyable for me to come here and
visit more often. Did you hire out a designer to create your theme?
Outstanding work!
Feel free to surf to my site - Nutrition Bars
Fantastic post however I was wondering if you could write a litte more on this topic?
ReplyDeleteI'd be very grateful if you could elaborate a
little bit more. Kudos!
my weblog: Diet Plans for Women to Lose Weight
Definitely consider that that you said. Your favourite
ReplyDeletereason appeared to be at the internet the
easiest factor to take note of. I say to you, I definitely get annoyed at the same time as other people consider worries that they just do not recognize about.
You managed to hit the nail upon the top and outlined
out the entire thing without having side-effects , other folks
Where Can You Buy Quest Bars take a signal.
Will probably be again to get more. Thanks