[ale] unsalted hashes of 6 million linkedin passwords published on the internet

Ron Frazier (ALE) atllinuxenthinfo at techstarship.com
Thu Jun 7 16:36:21 EDT 2012


On 6/7/2012 3:47 PM, Stephen Haywood wrote:
>> Unsalted and unseeded.  If the hashing had been seeded, the brute
>> forcing would be impossible without the private seed.
>>      
> I understand what you mean by unsalted but explain unseeded in terms
> of a SHA1 hash. My understanding is the file contained about 6.5
> million unique password hashes, of which about 3.5 million were
> cracked before the list was made public. Last I heard about 1.5
> million had be cracked and analyzed by Stefan Venken (@StefanVenken).
> I believe the folks at KoreLogic have cracked over 3 million of them.
>    
Oh horsefeathers!  (Other expletives deleted)  I found the hash of my 
password in the database.  I've already changed it on Linkedin, but I 
use that password elsewhere too.  It will take me days to track down 
MOST of the places down and change it.  I'm not even sure I know all the 
places I've used it.  May have to start using LastPass or something.

Sincerely,

Ron

-- 

(To whom it may concern.  My email address has changed.  Replying to former
messages prior to 03/31/12 with my personal address will go to the wrong
address.  Please send all personal correspondence to the new address.)

(PS - If you email me and don't get a quick response, you might want to
call on the phone.  I get about 300 emails per day from alternate energy
mailing lists and such.  I don't always see new email messages very quickly.)

Ron Frazier
770-205-9422 (O)   Leave a message.
linuxdude AT techstarship.com



More information about the Ale mailing list