LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

8 million leaked passwords connected to LinkedIn, dating website (ars technica)

8 million leaked passwords connected to LinkedIn, dating website (ars technica)

Posted Jun 8, 2012 23:54 UTC (Fri) by paulj (subscriber, #341)
In reply to: 8 million leaked passwords connected to LinkedIn, dating website (ars technica) by dlang
Parent article: 8 million leaked passwords connected to LinkedIn, dating website (ars technica)

I don't let my browser store credentials for any highly-sensitive web-sites, like online banking (and anyway, my online banking login is deliberately designed so that browser credential-storing can't work). Highly-sensitive credentials like that I keep only in my head.

(Log in to post comments)

8 million leaked passwords connected to LinkedIn, dating website (ars technica)

Posted Jun 9, 2012 0:48 UTC (Sat) by martinfick (subscriber, #4455) [Link]

Oh I hate when they do that, etrade used to, but they quit. I complained to them that it actually makes things less secure. I suspect that they eventually agreed.

Seeing as phishing is a very common theme, having to type your password over and over again makes you very succeptible to it. At least when your browser remembers your password you won't likely accidentaly type it into a phishing site. If your browser remembers the password for you, and you visit what you think is your commonly accessed site, and your browser does not auto populate your password, it should send up red flags in your head: "why does it not remember my password?" Oh perhaps because I misstyped and that isn't really an etrade url!

8 million leaked passwords connected to LinkedIn, dating website (ars technica)

Posted Jun 11, 2012 8:51 UTC (Mon) by jezuch (subscriber, #52988) [Link]

> Oh perhaps because I misstyped and that isn't really an etrade url!

Then don't type the address? Always access the site via bookmarks or maybe rely on the browser's autocompletion (based on bookmarks and/or browsing history). And, of course, never, ever click on links in email.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds