Like everyone this week, I learned about a huge file of password hashes that had been leaked. The 120MB zip file contained 6,458,020 SHA-1 hashes of passwords for end-user accounts. At first, everyone was talking about a quick way to check if their password had been leaked. This simple Linux command line: echo -n MyPassword | shasum | cut -c6-40 allows the user to create a SHA-1 sum of his password and take the 6th … Continue reading Lessons learned from cracking 2 million LinkedIn passwords