Re: Wall Street Journal reports security breach against LinkedIn passwords
John Abreau <jabr@...
2012-06-07 18:00:13 GMT
I normally use "apg -m 14" to generate random 14-character passwords
so I have a unique password for each and every website I register with.
apg is in the Fedora yum repo and the CentOS EL repo; its website is at
I would imagine it's also available for debian, ubuntu, etc.
On Thu, Jun 7, 2012 at 9:19 AM, Tom Buskey <tom@...> wrote:
> On Thu, Jun 7, 2012 at 8:36 AM, Brian St. Pierre <brian@...>
>> On 06/07/2012 07:33 AM, Lloyd Kvam wrote:
>> > Today's WSJ reported in the Digits column that encrypted LinkedIN
>> > passwords had been leaked. Decryption efforts have been successful
>> > against some subset of these passwords.
>> > I was disappointed to see no acknowledgement on the LinkIn site. (I
>> > just found it buried in the clutter. Its a link to CBS news??)
>> Bottom line: go change your LinkedIn password right now.
> This kind of thing will happen again. It's important to use different
> passwords for each site/account you have. I recommend using a "password
> safe" of some sort with long, random passwords. If you must, a card in your
> wallet will work unless you lose your wallet often.
> There are rainbow tables out there with every combination of 8 character
> passwords. You type in the hash & it spits back the password that generated
> I use KeypassX. It runs on Linux, Windows, Macintosh, iphone, android and
> there's a blackberry app that gives read only access.
> If you're a Google user, there's a 2 factor system called Google
> Authenticator. It's like the RSA SecureID with an app that runs on all of
> the above. It can also use SMS or even call your phone and read the number
> to you.
> gnhlug-discuss mailing list
John Abreau / Executive Director, Boston Linux & Unix
Email jabr@... / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99