Thursday, June 7, 2012

LinkedIn Password Data Leaked

As reported by several security-related online portals, a file with approximately 6.5 million SHA-1 password hashes from LinkedIn users is currently circulating on the web. I could easily get hold of a copy of that 250 Mb file through BitTorrent and realized that my password matched an entry :(.

Here's how you can check:
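# Compute the SHA-1 of your password (-n keeps echo from adding a newline to the hashed input)
$ echo -n "password" | shasum
# Search the dump for the full hash ...
$ grep 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 SHA1.txt
# ... and for the same hash with its first five hex digits replaced by 00000
$ grep 000001e4c9b93f3f0682250b6cf8331b7ee68fd8 SHA1.txt
000001e4c9b93f3f0682250b6cf8331b7ee68fd8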

As mentioned here, a subset of the hashes has its first five hex digits replaced with 00000, presumably to identify already cracked passwords. You should therefore check both variants as shown above.
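The two-variant check above as one script, added here as an example and not part of the original post: it reads the password without echoing it, so it never lands in shell history, and looks for both the full SHA-1 and the 00000-prefixed form. The function names and the sample file are constructed for illustration; SHA1.txt is the file name used above.

```shell
#!/bin/sh
# Added example: function names and the sample file are constructed for illustration.

# sha1_hex: print the SHA-1 hex digest of stdin, using whichever tool is installed.
sha1_hex() {
    if command -v sha1sum >/dev/null 2>&1; then sha1sum
    else shasum
    fi | cut -d' ' -f1
}

# check_leak FILE: read a password on stdin; print "full", "masked" or "none".
check_leak() {
    hash=$(sha1_hex)
    # The dump replaces the first five hex digits of some hashes with 00000.
    masked="00000$(printf '%s' "$hash" | cut -c6-)"
    if grep -qiF "$hash" "$1"; then echo full
    elif grep -qiF "$masked" "$1"; then echo masked
    else echo none
    fi
}

# check_interactive FILE: prompt with terminal echo off so the password stays
# out of shell history and off the screen.
check_interactive() {
    printf 'Password: ' >&2
    stty -echo; IFS= read -r pw; stty echo; printf '\n' >&2
    printf '%s' "$pw" | check_leak "$1"
    unset pw
}

# Demo on a constructed two-line sample: the masked hash of "password" shown
# above, plus a made-up filler entry.
sample=$(mktemp)
printf '%s\n' 000001e4c9b93f3f0682250b6cf8331b7ee68fd8 \
              00000aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa > "$sample"
printf 'password -> %s\n' "$(printf '%s' password | check_leak "$sample")"
printf 'constructed-unlisted -> %s\n' "$(printf '%s' constructed-unlisted | check_leak "$sample")"
rm -f "$sample"
```

Run `check_interactive SHA1.txt` against the real file; `full` or `masked` means the password's hash is in the dump.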

If your password matches, you should change your LinkedIn password asap and then change your passwords everywhere you reused it (especially for popular platforms like Facebook, Google or Amazon).

3 comments:

  1. For lack of shasum, you can also use PHP's sha1() function:
    php -r 'echo sha1("password")."\n";'

  2. We are really grateful for your blog post. You will find a lot of approaches after visiting your post. I was exactly searching for. Thanks for such post and please keep it up. Great work. Kennected
