{"id":267,"date":"2012-06-08T02:21:01","date_gmt":"2012-06-08T02:21:01","guid":{"rendered":"http:\/\/www.redesigns.org\/web-builder\/blog\/?p=267"},"modified":"2024-01-21T00:33:06","modified_gmt":"2024-01-21T08:33:06","slug":"linkedin-eharmony-social-networking-sites-hacked-passwords-leaked-poor-security","status":"publish","type":"post","link":"https:\/\/www.ultimatewb.com\/blog\/267\/linkedin-eharmony-social-networking-sites-hacked-passwords-leaked-poor-security\/","title":{"rendered":"LinkedIn, eHarmony social networking sites hacked, passwords leaked, poor security"},"content":{"rendered":"\n
\"\"<\/a><\/figure>\n\n\n

LinkedIn, a popular professional social networking website, and eHarmony, a paid subscription social networking dating site, both\u00a0confirmed Wednesday their sites have been hacked.\u00a0 The breach in the database security was found when the hacker(s) posted the list of 8 million encrypted passwords on a hacker forum, asking for help to break the encryption code.\u00a0<\/p>\n

<\/p>\n

\"\"<\/a><\/figure>\n

<\/p>\n

According to Sophos security reports<\/a>, more than 60% of the passwords have already been cracked.\u00a0 Tech news site Ars Technica said it found about 1.5 million of those leaked passwords to be from eHarmony users.\u00a0 It is possible that all the passwords have been compromised and hacked from the sites’ database, as Rick Redman, a security consultant for Kore Logic Security told Ars Technica<\/a>, “It’s pretty obvious that whoever the bad guy was cracked the easy ones and then posted these, saying, ‘These are the ones I can’t crack.'”\u00a0 If you’re a user on either of these two social networking sites, it is best that you change your password asap – especially if you have been using the same password for different websites, and even worse for data-sensitive websites such as online banking, which is highly recommended against.<\/p>\n

How did the hackers gain access to the sites’ database? Most likely there were security holes in their coding that need to be patched. Poorly formed mysql database queries, for example, can be taken advantage of and manipulated to print out database data to the hacker’s internet browser.\u00a0 Also, the storage of passwords were not secure enough.\u00a0LinkedIn<\/a> encrypted passwords, but did not “salt” them – a process whereby random characters are introduced in the encryption process to make the password cracking harder.\u00a0 LinkedIn has corrected this security weakness and now encrypts and salts new passwords.\u00a0 EHarmony apparently was also using weak encryption policies.\u00a0 While they are advising members how to choose strong passwords in their eHarmony blog<\/a>, they make no mention of any security measures taken by the company to increase security.\u00a0 A strong password is not much use if the website is not storing it properly.<\/p>\n

According to the Techlicious blog<\/a>, “Because eHarmony has yet to adequately address the security measures they are putting in place to protect this breach from happening again, you should consider any password and personal information you post to eHarmony as insecure.” Anyways, we recommend the totally free dating site Friends Match Me<\/a>. Built on Ultimate Web Builder software, it is also a free Facebook dating app and doesn’t store any user passwords in the website database…besides it is a really cool and awesome dating site!<\/p>\n

How to handle member account\/password security on your website?\u00a0 Ultimate Web Builder software uses the latest recommended security policies, employing an encryption process with “salting” for password database storage.\u00a0 Moreover, you can avoid brute force password guessing by setting limits on users trying to login unsuccessfully repeatedly, both on the members side and admin panel side.<\/p>","protected":false},"excerpt":{"rendered":"

LinkedIn, a popular professional social networking website, and eHarmony, a paid subscription social networking dating site, both\u00a0confirmed Wednesday their sites have been hacked.\u00a0 The breach in the database security was found when the hacker(s) posted the list of 8 million … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[199,621,336],"tags":[208,207,209,206],"class_list":["post-267","post","type-post","status-publish","format-standard","hentry","category-social-networking","category-technology-in-the-news","category-website-security-2","tag-eharmony","tag-linkedin","tag-passwords-hacked","tag-website-security"],"_links":{"self":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/267"}],"collection":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/comments?post=267"}],"version-history":[{"count":6,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/267\/revisions"}],"predecessor-version":[{"id":4505,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/267\/revisions\/4505"}],"wp:attachment":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/media?parent=267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/categories?post=267"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/tags?post=267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}