Is 'change your linkedin password' bad advice? - akkartik

I'm going to assume the leak is real, and that Linkedin is currently storing unsalted password digests. I'm also going to assume that people will continue to use poor passwords, just different ones.

If a non-tech user changes their password after reading <http://thenextweb.com/socialmedia/2012/06/06/bad-day-for-linkedin-6-5-million-hashed-passwords-reportedly-leaked-change-yours-now> ("What should you do? For starters, change your password."), have they improved their situation? I think there's a good chance they have not, unless their new password is significantly longer -- which is unlikely. Their situation might even be _worse_, if the old password wasn't on the list but the new password happens to be. Or just because they're now more complacent and assume everything is ok.

I think people should wait to change their passwords until Linkedin acknowledges the leak and starts salting passwords. Or change to a really long (12-16 character) password. Can experts weigh in on this analysis?
======
chc
I don't understand your concern. How would it hurt if you're now using a
different password from the list? If they don't know it's associated with your
account, the only way they'd be able to use a password from the list to access
your account is by trying _all_ the passwords from the list in a dictionary
attack. So in the worst case, you change your password from one that is
definitely susceptible to a dictionary attack and possibly flat-out
compromised to one that may or may not be susceptible to a dictionary attack.

In short, no, "Change your password" doesn't seem like bad advice to me.

~~~
akkartik
Linkedin still has no idea how the attackers got their hands on the passwords.
What if the backdoor is still open?

The primary issue here is that the passwords are hashed unsalted, not that
they've exited the building.

~~~
chc
How is the lack of a salt the problem? AFAIK, all salts do is head off rainbow
table attacks. If you're using SHA1 and you lose the passwords, a salt isn't
going to help you, because they don't need to rainbow table you — they can use
a dictionary attack or just brute force the passwords without much trouble.

It seems to me that losing the passwords was the real problem, and it's
compounded by a poor choice of hashing algorithm and lack of a salt. Lack of a
salt is not good, but I don't see how it's worse than losing them in the first
place. If they'd used bcrypt or not lost the passwords, a rainbow table
wouldn't be useful in the first place.

~~~
akkartik
I don't understand your line of reasoning. Aren't rainbow tables just another
kind of brute force attack? They just allow you to share the brute force
across a large number of passwords. Salts increase the effective length of the
password, and per-password salts eliminate rainbow tables _and_ make brute
forcing harder as well. What am I missing?

\---

Linkedin now says their passwords are salted, so we could change our passwords
now even if I was right. But they're also claiming that all passwords are now
salted.

[http://blog.linkedin.com/2012/06/06/linkedin-member-password...](http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised)

In any case, I'm enjoying this conversation, thanks.

~~~
whichdan
I wonder how they're salting their current database. sha1(sha1(pass) + salt)?

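The salt argument above (chc and akkartik) and whichdan's question both come down to where the cracking cost lands, so here is a small script that makes the cost model concrete. This is an added example, not code from the thread or from LinkedIn; the accounts, passwords and wordlist are constructed, and it counts SHA-1 evaluations rather than timing anything.

```python
import hashlib
import os

# Constructed demo data (not from any real leak): a few accounts whose weak
# passwords all appear in a tiny wordlist.
WORDLIST = ["password", "linkedin", "123456", "letmein",
            "qwerty", "welcome", "dragon", "sunshine"]
USERS = {"alice": "linkedin", "bob": "123456",
         "carol": "letmein", "dave": "sunshine"}


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def store_unsalted(users):
    """Unsalted SHA-1 password table: user -> sha1(pw)."""
    return {u: sha1_hex(p.encode()) for u, p in users.items()}


def store_salted(users):
    """Per-user random salt kept in the clear: user -> (salt, sha1(salt+pw))."""
    out = {}
    for u, p in users.items():
        salt = os.urandom(16)
        out[u] = (salt, sha1_hex(salt + p.encode()))
    return out


def crack_unsalted(store, wordlist):
    """One digest per candidate serves every account at once.
    Returns (recovered passwords, number of SHA-1 computations)."""
    table = {sha1_hex(c.encode()): c for c in wordlist}   # len(wordlist) hashes
    found = {u: table[d] for u, d in store.items() if d in table}
    return found, len(wordlist)


def crack_salted(store, wordlist):
    """The salt is known to whoever holds the table, so one guess still costs
    one SHA-1, but nothing can be shared: every account needs its own pass
    over the wordlist. Returns (recovered passwords, SHA-1 computations)."""
    found, hashes = {}, 0
    for u, (salt, digest) in store.items():
        for c in wordlist:
            hashes += 1
            if sha1_hex(salt + c.encode()) == digest:
                found[u] = c
    return found, hashes


if __name__ == "__main__":
    print(crack_unsalted(store_unsalted(USERS), WORDLIST))
    print(crack_salted(store_salted(USERS), WORDLIST))
```

A per-account salt does not make any single weak password costlier to guess (each guess is still one SHA-1); it only stops one pass over the wordlist from serving every account, which is also all that whichdan's sha1(sha1(pass) + salt) construction would buy. Raising the per-guess cost is what a deliberately slow function such as bcrypt is for.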
------
ja27
I just generated a new random one in Lastpass and changed it. I switched to
Lastpass and mostly generated passwords after the Gawker mess.

~~~
akkartik
How long are your lastpass passwords? What's the default generated length, do
you know?

I've been using password composer (<http://userscripts.org/scripts/show/1341>)
but it generates only 8-character passwords. Its site also seems to have been
taken down. So I need to plan a migration. To do that I'll first need a sense
of how many sites out there still have password length limits.

~~~
jharding
You choose how long you want the passwords LastPass generates for you to be. I
like mine to be 24 characters if possible.

