You'd have to download the list, calculate an SHA1 sum of your password, then compare it against the list (ignoring the first 7-8 digits in case they've already cracked it). There are mirrors to download on the Reddit post I linked to in the OP.
So how does one with no idea what a salt or sha1 sum find out if they've been hacked? I changed my pwd regardless.
Download the list at http://www4.zippyshare.com/v/57190897/file.html Click on the first download link.
To find your password Go to http://sha1-hash-online.waraxe.us/ and type in your password. You will get a hash for the text you typed Search for that text in the 160 mb file with all the hashed passwords. For example: The hash to pass1234 is 789b49606c321c8cf228d17942608eff0ccc4171. If you look up 9606c321c8cf228d17942608eff0ccc4171 on the list of passwords, you will find it hit on line 1750017.
The point is, if you have used that password anywhere else, on any other site (clutchfans, gmail, facebook), change that password as well.
To be honest, it really doesn't matter if your password is on the list or not. At this point we don't know if they actually posted everything they have. We don't know how extensive this breach is -- all we have is one list posted on the Internet. If you have a LinkedIn account, you should change your password immediately, and if you use that password anywhere else, you should change it now. ESPECIALLY if it's also your email password, because that's pretty much the key to your entire online existence.
Ugh the only other password I had that was the same as my linkedin password was my clutchfans password. And I cant risk Russians hacking my clutchfans account.
I used to have a linkedin account but deleted it a couple months ago. Do you think they still stored my password?
Until LinkedIn fixes their security hole, changing your password is like re-arranging the deck chairs on the Titanic.
What antivirus program should I use that will prevent this from happening again to me? I currently use Avast.
The main alarm seems to be if you're using the same password at a more important site -- amiright? Like for email or god-forbid your on-line banking. What they hell are they going to do with my email address (public) and my stupid, out-of-date resume? (also fairly public)
no problem is here! I am happy happy with the newer signature that i have selected for my appreciative of great russian history. is like usual! ha! LAL!
Antivirus program would not have helped you. Problem appears to be LinkedIn did not build a secure site. Shame on them.
