CSDN website 6 million user password compromised

Online users have said that in 2011, December 21, hackers in the online public on the well-known programmers Web site CSDN user database, which has as much as 600多万个 the plaintext registered email account and password was exposed and leaked, thus becoming a major network security accident in China this year.

And this is called "csdn-Chinese It community-6 million RAR" files on the Internet by the fiery spread, file size of 107366K, and after downloading verification, the author found that it does record a large number of CSDN mailboxes and passwords, and it is clear.

But the most incredible thing about the whole story is that a large web site such as CSDN, with programmers and developers at its core, uses plaintext to store passwords, which leads to huge numbers of users ' account information including passwords being leaked directly, and this is the most incredible place Because as long as a little bit of programming programmers know, for the user's security, you should keep the user password in the database encryption information, and the simplest MD5 (password + random string), generally like ucenter such a forum will also be this information again MD5, Thus hackers even download the database, then the user's password cracking is not an easy thing.

CSDN official Weibo issued a statement saying:

According to Csdn's Fanke said, Csdn before April 2009 is the clear text to save the password, therefore leaked out csdn the clear text account data is September 2010 data, the leakage reason is unknown.

Therefore, I suggest that once registered CSDN users, immediately modify the csdn password, if the password is also used in other sites, please log on to other sites as soon as possible to modify the password. If possible, be sure to modify the network silver, email and other important website password, in order to protect the fund security, to prevent privacy leakage.

This CSDN website password leaks, also exposes the so-called micro-bo real-name real-name problem, the most personal information you enter on the site, the greater the threat to you, even if it is some very well-known large sites. Internet security is no small matter, this incident is also to those who preach the real name of one of the biggest irony.