Twits du Jour (Jun 10)
- My Top 3 #lastfm Artists: Hardline (24), Richard Marx (21) & Wig Wam (12) t.co/F1RtTI1k
Twits du Jour (Jun 8)
- Best comment I've read thus far: "Stop talking about passwords, start talking about passphrases."
Twits du Jour (Jun 7)
- on{X} just flashed my horoscope… That's kinda cool. t.co/K7JVSsD5
- @koehntopp I'm pretty sure the second item in your list (except for the pattern, maybe) makes absolutely no difference in today's world.
- @koehntopp Casing, numbers, etc. make your password no more secure than 4 common words… just harder to remember… t.co/7s1kLuB3
- @talios @koehntopp They are related, same hacker. My guess at t.co/Sj1ztYRc
Leakedin

I was just reading this blog post from Vicente Silveira explaining yesterday's breach of LinkedIn's password databases.
It really rubs me the wrong way, to say the least.
Rant-on.
First, he minimizes the breach. Dude, you just got hacked.
Second, he dares lecture us on the use of strong passwords. Seriously? That wouldn't have made one bit of a difference, would it? The hacker lifted the passwords directly from your databases, didn't he?
What you should really explain is why your password databases weren't salted in the first place. It is really not rocket science. But salting wasn't the solution, was it? Not losing the hashes in the first place was.
Let me venture a guess or two here. Could it be that the hacker gained access using a weak password from someone in your organization? Could it be that this person was a contractor also working for eHarmony? I know, I'm reaching…
Rant-off.
