technology news Beijing time on December 21st evening news, Chinese developer online community CSDN issued a statement tonight, "6 million user account password disclosure" for a public apology, admitted that part of the user account will be temporarily closed at risk, user login, and request "in April 2009 before the registration account, modify the password and immediately after September 2010 have not changed the user password.
below is the full text of the statement:
dear CSDN member:
we are very sorry for the recent occurrence of CSDN user database leaks, your user password may be open. We sincerely invite you to modify CSDN password, if you use the same password on other websites. Please modify the password of the relevant website.
CSDN has been officially reported to the public security organs, public security organs are also investigating clues.
once again to express my deep regret to you!
statement on the CSDN site user account was compromised:
CSDN site early use of plaintext passwords, the use of plaintext because of a third party chat program integration verification, the subsequent programmers have not been processed. Until April 2009, when the programmer to modify the password to save the way, instead of encryption password.
but some of the old plaintext password is not cleared, the end of August 2010, for allplaintext password account database clean-up. 2011 New Year’s day, we upgraded the CSDN account management functions, the use of strong encryption algorithm, account database from Windows
Server on the SQL Server migration to the Linux platform MySQL database to solve the various security issues CSDN account.
a, CSDN account database is expressly saved password
before April 2009 is clear, after April 2009 is encrypted, but some plaintext password is not clean; the end of August 2010 cleared all the plaintext password. So from the beginning of September 2010 are all safe, before September may be unsafe.
two, my CSDN account is safe? Do you need to change your password?
1, if you are registered in April 2009 before the account, and after the September 2010 did not change the password, please change your password immediately;
2, if you are registered in April 2009 after the account, and after the September 2010 did not modify the password, it is recommended to change the password;
3, if you are registered in September 2010 after the account, do not have to change the password, but there is a possibility of leakage mailbox;