11 replies to this topic

[lennykravitz2004]

http://www.technolog...d-report-816238

And people wonder why I'm so anti-Koobface.   Just a matter of time until FB is a feather in somebody's black hat. Targets only get bigger, and LinkedIn is just the next one up the proverbial food chain.  A HUGH treasure trove of info in all these "social" sites.  Makes me nervous enough signing in @ the Huddle, since the sign-ins are all on unencrypted pages.

Oh, and if you're one of the 6.5 million users of LinkedIn, might be a good idea to change your password.  Just in case.  And your LinkedIn account is connected to your FB account too...?  

"But these companies and sites always have MY best interest at heart."

I'm not sayin', I'm just sayin'...

[stevegrab]

Trying to keep passwords updated and changing has become a giant PITA these days. Numerous web sites, phone systems, internet and work logins its enought to make one

And count me amongst those not into all the social media for a multitude of reasons.

[flemingd]

Now for the fun part - a website called lastpass.com has created a tool that checks a password you enter against the list that was published and lets you know if it's on there.  It doesn't tell you the email address(es) the password works with, and if you enter your real password they can't necessarily correlate that to yours.

I was playing around with it to see how silly/stupid people are, entering passwords off the top of my head.  Among the positive matches I got:

goddammit
neveragain
helloworld
gohome
yousuck
linkedin (seriously, someone used this as a password!)
SNICKERSit
CHIPS AHOY!hole

https://lastpass.com/linkedin/ if you wanna have your own fun or check your password.

[SayItAintSoJoe]

More websites need to start offering a two step authentication process where after you login with your username and password a 6 digit code is sent to your text phone that you'll also need to enter before you gain access.  The code expires after 10 minutes if not used.  B of A has this but for some odd reason they don't really advertise this feature much.  You can set it up to always require the additional code when logging in or only require the code when logging in from an unrecognized computer/device.

Edited by SayItAintSoJoe, 07 June 2012 - 08:54 AM.

[matt770]

What the f is LinkedIn??

[stevegrab]

flemingd, on 07 June 2012 - 05:58 AM, said:

Now for the fun part - a website called lastpass.com has created a tool that checks a password you enter against the list that was published and lets you know if it's on there.  It doesn't tell you the email address(es) the password works with, and if you enter your real password they can't necessarily correlate that to yours.

I was playing around with it to see how silly/stupid people are, entering passwords off the top of my head.  Among the positive matches I got:

goddammit
neveragain
helloworld
gohome
yousuck
linkedin (seriously, someone used this as a password!)
SNICKERSit
CHIPS AHOY!hole

https://lastpass.com/linkedin/ if you wanna have your own fun or check your password.

None of the passwords I use in various places were found in there. But then virtually every password I use has a mix of letters and numbers, and isn't simple words/phrases. I do re-use some in multiple places (say football web sites might all have the same one).

SayItAintSoJoe, on 07 June 2012 - 07:30 AM, said:

More websites needs to start offering a two step authentication process where after you login with your username and password a 6 digit code is sent to your text phone that you'll also need to enter before you gain access.  The code expires after 10 minutes if not used.  B of A has this but for some odd reason they don't really advertise this feature much.  You can set it up to always require the additional code when logging in or only require the code when logging in from an unrecognized computer/device.

That's a cool feature as long as it is optional. I for one would have having to do that every time I log into a site (even for my banking).

matt770, on 07 June 2012 - 07:43 AM, said:

What the f is LinkedIn??

I think its like Facebook for professionals.

[polksalet]

I'm pretty sure no one in the world has the same password I use.  It was a nonword that appeared to me once while having a heat stroke.

Your password was NOT one of the ones that was compromised.

Despite this fact, you may still be at significant risk since the hackers might have only posted a partial list.

We strongly recommend that you follow our recommendations above and immediately change your LinkedIn and related passwords.

[WashingtonD]

I got the same message when I checked my password as well. But no way in hell was I not changing mine just to be safe and also since I use that password in two other places I went and changed them there as well.

PITA

[SheikYerbuti]

I got an email telling me to reset my password.  I did, and then immediately deleted my LinkedIn account.  Not really sure why I ever had one in the first place.

[loaf]

someone's password is 123456

[polksalet]

malcolmx
frenchfry
peekaboo
steelers

these all popped into my head and were taken

seahawkssuperbowlchamps was not taken

HAHAHAHA

[slambo]

loaf, on 08 June 2012 - 03:49 PM, said:

someone's password is 123456

Must be King Roland and President Skroob.