Slashdot Mirror

← Back to Stories (view on slashdot.org)

Leaked Passwords On Display At a German Museum

Posted by timothy on from the where's-your-scanner dept.

Daniel_Stuckey writes "Earlier this year, it was London. Most recently, it was a university in Germany. Wherever it is, [artist Aram] Bartholl is opening up his eight white, plainly printed binders full of the 4.7 million user passwords that were pilfered from the social network and made public by a hacker last year. He brings the books to his exhibits, called 'Forgot Your Password,' where you're free to see if he's got your data—and whether anyone else who wanders through is entirely capable of logging onto your account and making Connections with unsavory people. In fact, Bartholl insists: "These eight volumes contain 4.7 million LinkedIn clear text user passwords printed in alphabetical order," the description of his project reads. "Visitors are invited to look up their own password.""

8 of 42 comments (clear)

  1. meanwhile by marcello_dl · · Score: 4, Funny

    I'd set up some cams to see what the visitors point at (getting the password or a narrow alphabetical space to bruteforce), and try to sniff their smartphone (fake open AP) so i get what the user could be. That will teach those suckers to look up their pass in public

    --
    ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
  2. I logged into my account and closed it. Problem s by jasonbrown · · Score: 3, Interesting

    I can't remember why I needed them in the first place anyways.

    --

    "Congress shall make no law... abridging the freedom of speech, or of the press"
  3. Re:Worse are sites with password constraints by Anonymous Coward · · Score: 5, Funny

    Oh, and we don't support ASCII so good luck with those bullets

    An EBCDIC website?

  4. Re:Worse are sites with password constraints by AnttiV · · Score: 5, Interesting

    Amen to that. The funny (or sad) thing is, this is too common, even in this age. One of the largest ISPs/Carrier Networks here in Finland has a hilariously stupid password rule set. Note: As much as I'd like it to be, this is not a joke.

    1) 8-16 characters.
    2) a-z, A-Z, 0-9 ONLY (Note: Although this is a Nordic country, this still excludes our normal day-to-day use letters ä, ö and å.
    3) No three same characters in the entire password. NOT sequential or one after the other. In the *whole* password. (So "2rv8b23r09vnbn2" would not do, because "2" is there three times).

    4) NO rule for sequential numbers/characters.

    What this all comes to, is that the system gladly accepts "12345678" and "abcdefg" as perfectly viable and good passwords, but doesn't allow "j243508vubj234gj", "#a&%B3bv#sdf#" or "correct horse battery staple" to be used.

  5. They'll find mine in the list by jeauxkewl · · Score: 3, Funny

    It's the same as all my others. *************

    1. Re:They'll find mine in the list by wonkey_monkey · · Score: 4, Funny

      hunter2

      --
      systemd is Roko's Basilisk.
  6. Re:Worse are sites with password constraints by JLennox · · Score: 3, Insightful

    I've worked with designers that though more rules = more secure, which is the opposite of true. More rules = less key space.

  7. I fucking hate... by russotto · · Score: 3, Funny

    ...conceptual art.