7. June 2012 15:45
As you already know, the LinkedIn passwords were supposedly leaked and became available online in the form of hashed data. Or they were not, but it doesn’t really matter.
What really matters for you as a web developer is to see the mistakes of the LinkedIn developers and learn from them.
1. Website Performance
When people learned that their passwords were jeopardized and that these passwords could be the keys to other systems as well, they rushed to change them. All at once. And LinkedIn has about 161 million users so far. No, of course there are thousands of dead accounts and people who haven’t heard about the problem yet, but still, many millions of people logged into their accounts, went to the profile settings and started the password change procedure.
As a result, many people couldn’t do that, because the machines responsible for that feature were too busy. If you were among those who tried to change their password the day it hit the news, you could see that Ajax window saying it’s waiting for the operation to complete. I did it on the second attempt, since my password was one year old anyway.