password posts on CNET - Page 16


LinkedIn woes put spotlight on password flaws

The years change, but the stories remain the same. Passwords are a crappy defense and most of us use poor ones in exchange for ease of use.

Scads of LinkedIn users have had their passwords stolen. Phishing attacks ensued to prey on LinkedIn users. Now eHarmony has had issues. Passwords are regularly swiped from Web mail accounts.

The problem: Passwords may be the most imperfect security measure around. Most users don't want to sacrifice usability for a good password.

Sure, there are encryption techniques, two-factor authentication and other enhanced security measures. The reality is that most of us stick … Read more

eHarmony member passwords compromised

Dating site eHarmony confirmed today that passwords used by its members were compromised following reports of references to the site among allegedly stolen passwords that were posted to a hacker site.

"After investigating reports of compromised passwords, we have found that a small fraction of our user base has been affected. We are continuing to investigate but would like to provide the following actions we are taking to protect our members," Becky Teraoka, spokeswoman for eHarmony, wrote in a blog post. "As a precaution, we have reset affected members passwords. Those members will receive an email with … Read more

Do yourself a favor, don't check if your password was leaked. Ever.

Earlier today rumors started sweeping across the Internet that LinkedIn account passwords had been leaked online. A few hours later, LinkedIn confirmed that the rumors were true; millions of account passwords had been compromised and posted online.

Almost just as fast as the story started spreading, a link to was being passed around as a way to check if your password was leaked in the security breach. To figure out if you're affected, LeakedIn requires you to enter your account password. Your password is then converted to its SHA-1 equivalent and then is compared to the list … Read more

Google Maps adding 3D, offline directions

In today's show we're changing our passwords, talking to strangers and pretending we can fly:

Google Maps are going 3D. Google announced new features it's building into maps, and it gives the perspective of what you might see if you could fly between buildings. Multiple photos are taken by airplanes, and then it's automatically stitched together to look like a 3D model. The demo was of San Francisco, but no word on which other cities will be the first to get this feature. It is expected to cover 300 million people by the end of the … Read more

LinkedIn confirms passwords were 'compromised'

LinkedIn said today that some passwords on a list of allegedly stolen hashed passwords belong to its members, but did not say how its site was compromised.

"We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts," Vicente Silveira, a director at the professional social-networking site, wrote in a blog post. It is unknown how many passwords have been verified by LinkedIn.

LinkedIn has disabled the passwords on those accounts, it said. Account holders will receive an e-mail from LinkedIn with instructions for resetting their passwords. The e-mails will not include any links. … Read more

The 404 1,068: Where it's a small world (podcast)

The time has come for every Internet denizen to take a stand against the worst atrocity (and probably the biggest problem) on the Web: vertical videos. Big thanks to the puppets in this PSA spreading the word about Vertical Video Syndrome.

You can blame Flip video cameras, the ubiquity of videos shot with an iPhone, or just the tech-ignorance masses, but it has to stop. With the help of Ariel, Richard, and Joseph on today's episode, we all hope to put an end to the vertical video travesty.… Read more

What to do if your LinkedIn password is hacked

Update, 1:23 p.m. PT: Updated with LinkedIn's confirmation.

News of millions of LinkedIn passwords leaked through a user on a Russian forum is scary enough. It's important not to let the situation get worse. Be proactive about protecting your other accounts, particularly if you have the same password for all your accounts.

If that's the case, it's time to change them, Jeremiah Grossman of WhiteHat Security said in an e-mail to CNET.

He offered a few tips, via a blog post on how not to get hacked on the Web.

"You wouldn't … Read more

LinkedIn: We see no security breach... so far

Update 1:11 p.m. PT: LinkedIn confirms that passwords were "compromised."

So far, LinkedIn has come up empty on the password leak reported earlier today.

The company's latest tweet simply states that "our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred. Stay tuned here."

Assuming the initial report was authentic, LinkedIn's failure to find any sign of compromise in its system doesn't jibe with the number of people on Twitter who say they've found their own hashed LinkedIn passwordsRead more

Millions of LinkedIn passwords reportedly leaked online

Update 1:08 p.m. PT: LinkedIn confirms that passwords were "compromised."

LinkedIn users could be facing yet another security problem.

A user in a Russian forum says that he has hacked and uploaded almost 6.5 million LinkedIn passwords, according to The Verge. Though his claim has yet to be confirmed, Twitter users are already reporting that they've found their hashed LinkedIn passwords on the list, security expert Per Thorsheim said.

LinkedIn revealed through its own tweet that it's looking into reports of stolen passwords, and it advised users to stay tuned for more information.… Read more

'Phone, unlock thyself'

Sooner than you think, the Holy Grail of mobile password security could land on your phone thanks to new tech from Nuance called Dragon ID.

Dragon ID is a voice biometrics system from the same company behind the voice-recognition tech in Dragon Dictate for PCs and Dragon Go for iOS and Android. It promises a hands-free login system, but Nuance isn't putting it out in an app.

Instead, it's licensing the technology to manufacturers so they can build it into their phones.

"We're going to be pretty aggressive with our longstanding OEM partners, so we certainly … Read more