4 thoughts on “LinkedIn responds to security breach, outlines next steps”

  1. What I can’t understand is why LinkedIn stored passwords in the first place. If I am reading this right, they stored them in an encrypted format.

  2. … somehow my comment got cut off… to continue:
    Passwords should never be stored. Instead, a salted hash value from the password is stored. This is super basic security design. You can’t steal what doesn’t exist. And the salting makes rainbow table attacks on the stored hashes unfeasible.

    Really makes you wonder who is running the show.
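
Added example, not part of any comment above and not LinkedIn's code: the salted-hash storage the second comment describes, next to unsalted hashing, checked against a table of hashes computed in advance. The choice of PBKDF2-HMAC-SHA256, the iteration count, the account names, the passwords and the word list are all assumptions made for illustration, and a plain lookup table stands in for a rainbow table.

```python
import hashlib
import hmac
import os

# Constructed sample data: two accounts that happen to share one password.
USERS = {"alice": "sunshine1", "bob": "sunshine1"}
WORDLIST = ["password", "123456", "sunshine1", "letmein"]  # constructed

def unsalted(password):
    """Fast hash with no salt: the same password always gives the same value."""
    return hashlib.sha256(password.encode()).hexdigest()

def new_record(password, iterations=200_000):
    """Store salt, cost and derived hash per user; the password is never kept."""
    salt = os.urandom(16)  # fresh random salt for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": digest}

def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])

def precomputed_hits(stored_hashes):
    """Count stored values found in a table built once, before any salt is known."""
    table = {unsalted(word) for word in WORDLIST}
    return sum(1 for value in stored_hashes if value in table)

def demo():
    weak = {user: unsalted(pw) for user, pw in USERS.items()}
    strong = {user: new_record(pw) for user, pw in USERS.items()}
    return {
        "unsalted_equal": weak["alice"] == weak["bob"],
        "salted_equal": strong["alice"]["hash"] == strong["bob"]["hash"],
        "unsalted_hits": precomputed_hits(weak.values()),
        "salted_hits": precomputed_hits(r["hash"].hex() for r in strong.values()),
        "login_ok": verify("sunshine1", strong["alice"]),
        "login_bad": verify("sunshine2", strong["alice"]),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With unsalted hashes, one precomputed table matches both accounts at once; with per-user salts, the two stored values differ and the table matches neither, so each account has to be guessed separately at the full key-derivation cost.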

