Bad JuJu: LinkedIn Credentials Compromised

Date June 6, 2012

As you have no doubt heard, 6 and a half million hashed passwords have been leaked from LinkedIn. Also, those password hashes were unsalted, so if you use your LinkedIn password in other places, change it everywhere. In a word, oops. There is a 118MB file floating around (which shouldn’t be too hard to find […]

Password retention and storage

Date August 28, 2008

I got an email from a reader yesterday asking about how I generated and stored my passwords securely. The reader was interested in what methods were available to sysadmins for managing diverse passwords for different machines and devices. I had to laugh at my password generation scheme (run ‘fortune’ a couple of times, pick some […]