After the rumor about password of LinkedIn User that has been stolen and posted in online hacker community in Russia, then LinkedIn ask for apologize and doing action to protect the user. Vicente Silveira, Director at LinkedIn in his blog said that 6,5 million password has been posted in hacker website.
According to Silveira, most of the password is still in encryption condition (hashed). He admitted few of this hashed password has been decrypted and published. Fortunately email login related to the password was not go on public. He said that there is no report about access to user account related to this issue.
According to Silveira, most of the password is still in encryption condition (hashed). He admitted few of this hashed password has been decrypted and published. Fortunately email login related to the password was not go on public. He said that there is no report about access to user account related to this issue.
LinkedIn, as Silveria said on LinkedIn Blog "It is of the utmost importance to us that we keep you, our members,
informed regarding the news this week that some LinkedIn member
passwords were compromised. We want to reiterate that we sincerely
apologize for the inconvenience this has caused our members.", LinkedIn has locked and protect user account which the password is stolen.
LinkedIn email the member and tell them the way how to reset their password. LinkedIn also has deactivated other member account which potentially able to influenced by this occurrence and then call the pertinent user to change their password. Silveria also reminds other member and suggests them to change password periodically
Meanwhile, Sophos Security, like it said in computerworld.com, about 60% hashes password of LinkedIn member posted has been cracked by hacker. So about 3,5 million password has been cracked. This thing shows how weak the password protection of LinkedIn.
Actually, whole password of LinkedIn member is already protected (hashed) using SHA-1 protocol, though SHA-1 offered protection against password cracking, but in fact it's still able to cracked.
Beside SHA-1, there is still another protection way known "salting". In this protection, a random string is added in password character before hashed. This way increase strength of password protection. Salting know is common in big company.
The professional from Sophos security was regretted LinkedIn for using just SHA-1, fortunately Silveria said that has been implementing salting after this occurrence of password cracked.
Meanwhile, Sophos Security, like it said in computerworld.com, about 60% hashes password of LinkedIn member posted has been cracked by hacker. So about 3,5 million password has been cracked. This thing shows how weak the password protection of LinkedIn.
Actually, whole password of LinkedIn member is already protected (hashed) using SHA-1 protocol, though SHA-1 offered protection against password cracking, but in fact it's still able to cracked.
Beside SHA-1, there is still another protection way known "salting". In this protection, a random string is added in password character before hashed. This way increase strength of password protection. Salting know is common in big company.
The professional from Sophos security was regretted LinkedIn for using just SHA-1, fortunately Silveria said that has been implementing salting after this occurrence of password cracked.
These kind of post are always inspiring and I prefer to read quality content so I happy to find many good point here in the post writing is simply great thank you for the post.
ReplyDeleteburleson roofing
Thank you for your appreciation, this post is for them who the member of any social network spread in internet, in order to make them be more cautious about their account and protect their privacy, I hope my simply post can give information about the importance of security of internet account
Delete