So how exactly do cyber-crooks use these passwords once they have them? There are multiple potential uses, explains Chester Wisniewski, senior security adviser for data security firm Sophos. For hackers around the world, the huge trove of new leaked passwords is an opportunity to update their ?rainbow tables??vast databases that serve as a digital key for cracking encrypted passwords, called ?hashes.? The most-secure websites use an extra layer of password encryption, called ?salting,? so that two users with the same password?say, ?123456??will have different hashes. But LinkedIn didn?t do that, so the same key will unlock the accounts of every user who has that password, not only on LinkedIn but on any other site that uses the same hashing algorithm. (eHarmony apparently used an even weaker algorithm, also sans salt.)
sag aftra merger dj am bully bohemian rhapsody bohemian rhapsody spike lee carson daly
No comments:
Post a Comment