1050 posts Massfocus
  • Elite Author: Sold more than $75,000 on Envato Market
  • Sells items exclusively on Envato Market
  • Made it to the Authors' Hall of Fame
  • Has referred 500+ members
+7 more
Massfocus says

I just read it on a dutch news site http://tweakers.net/nieuws/82411/wachtwoorden-miljoenen-linkedin-gebruikers-op-straat.html

Its probably being covered in other news sites as well. Just wanted to let everyone know, as i am sure most of us here have linkedin accounts. A good time to change your password.

380 posts
  • Pulled off some great moustache to raise money or awareness for Movember Australia
  • Had an item featured on Envato Market
  • Has sold $10,000+ on Envato Market
  • Has referred 1+ members
+4 more
Cryonics says

I have not registered on LinkedIn :winktongue: But, thanks for warning…

2381 posts Bird is the word..
  • Located in United States
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $500,000+ on Envato Market
  • Has been part of the Envato Community for over 7 years
+8 more
jonathan01 says

passwords were not revealed or got – still in hashtag format apparently – still prudent to change your password.

754 posts
  • Has referred 10+ members
  • Has sold $5,000+ on Envato Market
  • Has collected 1+ items on Envato Market
  • Pulled off some great moustache to raise money or awareness for Movember Australia
+4 more
EliIsakov says

I am not part of that :D

3787 posts Community Moderator
  • Helps us moderate the forums
  • Contributed a tutorial on Tuts+
  • Located in Netherlands
  • Made it to the Authors' Hall of Fame
+9 more
Joost Moderator says

passwords were not revealed or got – still in hashtag format apparently – still prudent to change your password.

6,5 million SHA1 hashes were released, which appeared to be unsalted. This basically means that any password below 8 characters is public knowledge, as well as any password that might appear in a dictionary or a list of likely passwords. More importantly; whoever published this list probably has a way of connecting the hashes to the email addresses they belong to, and it is more than likely that more than these 6,5 million were compromised.

Anyone with a LinkedIn account is recommended to not use the password they used there ever again at any other service (which means; change it wherever you’re using it). Consider it broken. Furthermore, don’t change your LinkedIn password to something you use elsewhere – the leak has not yet (publically) been identified or fixed. Do change it, though. Change it to something unique.

If you want to find out if your password was included in the list, simply hash it using unsalted SHA1 (openssl sha1 on a Linux/Mac system) and check if it’s in the list. You can find the Hash file easily via Google – it’s called combo_not.zip. I do recomend not opening it in notepad, though, as it’ll probably crash trying to read a 108MB txt file. Use something from the commandline, like

grep `echo -n "Andres#1" | openssl sha1`  combo_not.txt 

EDIT : Make sure you check if the hash with the first 5 characters turned to zero’s is not in there either; this seems to be a way of the crackers to identify already cracked hashes – a good share of them.

UPDATE : It seems LinkedIn has confirmed the authenticity of at least some of the passwords. For (quite general) background info (on hashes etc), you can refer to this article

878 posts
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $250,000+ on Envato Market
  • Sells items exclusively on Envato Market
  • Made it to the Authors' Hall of Fame
+6 more
LCweb says

I am not part of that :D

Me too :D

203 posts
  • Has been part of the Envato Community for over 5 years
  • Has referred 10+ members
  • Has sold $1,000+ on Envato Market
  • Located in Canada
+2 more
iLochie says

It’s worth noting, you can check your password here: http://leakedin.org/

3310 posts
  • Provided great contribution to our forums
  • Nominated Community Superstar of the month
  • Helps us moderate the forums
  • Has been part of the Envato Community for over 5 years
+18 more
dtbaker Moderator says

It’s worth noting, you can check your password here: http://leakedin.org/

dang. mines in there :P haha. * changes *

4822 posts Interactive Design
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $500,000+ on Envato Market
  • Interviewed on an Envato blog
  • Made it to the Authors' Hall of Fame
+8 more
digitalscience says
http://leakedin.org/ <—If anything I’d be careful using this site, since you basically giving your password to them! :D
203 posts
  • Has been part of the Envato Community for over 5 years
  • Has referred 10+ members
  • Has sold $1,000+ on Envato Market
  • Located in Canada
+2 more
iLochie says

http://leakedin.org/ <—If anything I’d be careful using this site, since you basically giving your password to them! :D
No XHR requests before the password is hashed using SHA -1. The only thing you should worry about is having a crappy password! Haha, but really – there shouldn’t be much concern – they don’t have your email so there’s not much risk. If you have a strong password it’ll take a very long time to crack – I’d say very little risk even if they were storing the SHA -1 hash you submitted.

Helpful Information

  • Please read our community guidelines. Self promotion and discussion of piracy is not allowed.
  • Open a support ticket if you would like specific help with your account, deposits or purchases.
  • Item Support by authors is optional and may vary. Please see the Support tab on each item page.

Most of all, enjoy your time here. Thank you for being a valued Envato community member.

Post Reply

Format your entry with some basic HTML. Read the Full Details, or here is a refresher:

<strong></strong> to make things bold
<em></em> to emphasize
<ul><li> or <ol><li> to make lists
<h3> or <h4> to make headings
<pre></pre> for code blocks
<code></code> for a few words of code
<a></a> for links
<img> to paste in an image (it'll need to be hosted somewhere else though)
<blockquote></blockquote> to quote somebody

:grin: :shocked: :cry: Complete List of Smiley Codes

by
by
by
by
by
by