[ubuntu-uk] phishing and LinkedIn

Bruno Girin brunogirin at gmail.com
Thu Jun 7 15:44:48 UTC 2012


On 07/06/12 11:35, Joe wrote:
> I figure if they already have the hash it's theoretically only a matter of time before they crack it.
> Using it at least tells you if your password has been cracked (if it is honest about that) and so can help you to determine if there's a chance that someone already has had chance to access your account.
>
> I'd say people should be changing their passwords regardless, so there's no harm in putting in if you're about to change it.

Indeed. So change your password *first*. Then put the old one in to see
if it was cracked. And also go and change your password in every other
place where you've used the same password. I know, you should never
re-use passwords but most of us do it anyway.

On a similar subject, I discovered recently the security key feature on
PayPal. You set up your mobile phone number and it will send you a text
message with a one time pin in it that is valid for 5 minutes and that
you have to type in, in addition to your password. And it's free! To
enable it, go to Profile -> My Account Settings and scroll down to the
Security key thing.

Cheers,

Bruno




More information about the ubuntu-uk mailing list