Yep, just checked it - my unique LinkedIn password SHA-1 hash is in there.
If you have a LinkedIn account, login NOW and change your password. If you've used that password with other things associated with your LinkedIn login (usually your email address), then change those passwords too!
Here's a link to the hash file: combo_not.txt.zip
Here's a nice write-up on the details as well as a online SHA-1 generator so you can check for your own hash: Errata Security
Showing posts with label passwords. Show all posts
Showing posts with label passwords. Show all posts
June 06, 2012
January 17, 2012
Website Password Requirements
Increasingly, I have more and more passwords to remember. Mainly, this is due to different requirements (i.e. minimum length, upper/lower case, numbers, special characters, expiration every X months, etc). Unfortunately, because I am human, my passwords need to make some sense to me. I already have several "series" of passwords that I keep track of mentally. But, the problem is when faced with a login screen, I sometimes have a hard time remembering which password is for what (I'm still fighting the urge to write passwords down). If I could see what the password requirements are, I could make a reasonably successful guess at which password is what.
I believe I'm not the only one, so I'm going to start compiling a list of websites and their password requirements for reference. If you want me to add a site, please leave a comment with the attributes for that site and I'll add it.
I believe I'm not the only one, so I'm going to start compiling a list of websites and their password requirements for reference. If you want me to add a site, please leave a comment with the attributes for that site and I'll add it.
Site: amazon.com
Minimum Length: 6
Numbers Required: N
Upper/Lower Required: N
Special Chars Required: N
Expires: N
Site: google.com
Minimum Length: 8
Numbers Required: N
Upper/Lower Required: N
Special Chars Required: N
Expires: N
Site: newegg.com
Minimum Length: 6
Numbers Required: N
Upper/Lower Required: N
Special Chars Required: N
Expires: N
Other: No spaces, alphanumeric only
Site: isc2.org
Minimum Length: 8 - 20 characters
Numbers Required: Y
Upper/Lower Required: N
Special Chars Required: Y
Expires: N
Site: americanexpress.com
Minimum Length: 8 - 20 charactersNumbers Required: Y
Upper/Lower Required: N
Special Chars Required: Y (only %,&, _, ?, #, =, -)
Expires: N
Other: No spaces and NOT CASE SENSITIVE (!!)
NOTE: This means that they are storing the ACTUAL PASSWORD in their database and not using hashes. Ugh.
Site: Apple/iTunes
Minimum Length: 6 characters
Numbers Required: N
Upper/Lower Required: N
Special Chars Required: N
Expires: N
Site: dell.com
Minimum Length: 6 characters
Numbers Required: Y
Upper/Lower Required: N
Special Chars Required: N
Expires: N
NOTE 2: New requirements since they were hacked.
NOTE 3: Sends email notification of password change.
Site: zappos.com
Minimum Length: 8 characters
Numbers Required:Y/N (either this or Special Char)
Upper/Lower Required:Y
Special Chars Required:Y/N (either this or Numbers)
Expires: N
NOTE 1: Cannot use any of the previous 6 passwords. NOTE 2: New requirements since they were hacked.
NOTE 3: Sends email notification of password change.
Subscribe to:
Posts (Atom)