[ale] unsalted hashes of 6 million linkedin passwords published on the internet

Ron Frazier (ALE) atllinuxenthinfo at techstarship.com
Fri Jun 8 00:19:59 EDT 2012


Hi Michael,

Thanks for the info. I'll take a look at these. I like what I've heard about lastpass too. In my case, I'll need a Linux / Windows / Android compatible solution.

Sincerely,

Ron


--

Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
Please excuse my potential brevity.

(To whom it may concern. My email address has changed. Replying to former
messages prior to 03/31/12 with my personal address will go to the wrong
address. Please send all personal correspondence to the new address.)

(PS - If you email me and don't get a quick response, you might want to
call on the phone. I get about 300 emails per day from alternate energy
mailing lists and such. I don't always see new email messages very quickly.)

Ron Frazier
770-205-9422 (O) Leave a message.
linuxdude AT techstarship.com


Michael Campbell <michael.campbell at gmail.com> wrote:

I am very happy with keepass and keepassx for linux for password management. They both read the same database and have some fun keybinds to automatically populate web forms and such. 

On Jun 7, 2012 4:37 PM, "Ron Frazier (ALE)" <atllinuxenthinfo at techstarship.com> wrote:

On 6/7/2012 3:47 PM, Stephen Haywood wrote:
>> Unsalted and unseeded.  If the hashing had been seeded, the brute
>> forcing would be impossible without the private seed.
>>
> I understand what you mean by unsalted but explain unseeded in terms
> of a SHA1 hash. My understanding is the file contained about 6.5
> million unique password hashes, of which about 3.5 million were
> cracked before the list was made public. Last I heard about 1.5
> million had be cracked and analyzed by Stefan Venken (@StefanVenken).
> I believe the folks at KoreLogic have cracked over 3 million of them.
>
Oh horsefeathers!  (Other expletives deleted)  I found the hash of my
password in the database.  I've already changed it on Linkedin, but I
use that password elsewhere too.  It will take me days to track down
MOST of the places down and change it.  I'm not even sure I know all the
places I've used it.  May have to start using LastPass or something.

Sincerely,

Ron

--

(To whom it may concern.  My email address has changed.  Replying to former
messages prior to 03/31/12 with my personal address will go to the wrong
address.  Please send all personal correspondence to the new address.)

(PS - If you email me and don't get a quick response, you might want to
call on the phone.  I get about 300 emails per day from alternate energy
mailing lists and such.  I don't always see new email messages very quickly.)

Ron Frazier
770-205-9422 (O)   Leave a message.
linuxdude AT techstarship.com

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120608/f2ed517e/attachment.html 


More information about the Ale mailing list