LinkedIn provides breach update -- sort of

08.06.2012

LinkedIn's first priority in the wake of the incident has been to "lock down and protect" the accounts associated with the decoded passwords, he said. "We've invalidated those passwords and contacted those members with a message that lets them know how to reset their passwords," Silveira said.

"Going forward, as a precautionary measure, we are disabling the passwords of any other members that we believe could potentially be affected," he said.

Silveira again noted that as part of the improved security measures, LinkedIn's current production database for account passwords is salted as well as hashed. Some security experts have faulted LinkedIn for protecting member passwords with nothing more than the SHA-1 hashing algorithm, applied without a salt.

Hashing alone provides a degree of security, but it is not foolproof: SHA-1 is fast, two members with the same password end up with the same hash, and an attacker can test each guess against every leaked hash at once or look the hashes up in precomputed tables. Therefore, many companies also use salting, a process in which a string of random characters is added to each password before it is hashed, to make the hashes harder to crack.

Chester Wisniewski, senior security advisor at Sophos, called Silveira's comments about salting somewhat confusing. "They are saying that their current production database is now salted, which seems to be technically impossible. They either lost the database some time ago and have been adding salts as users log in, which means not all of them are salted, or they have plaintext copies of the passwords, which defeats the purpose of hashing them to begin with," he said by email.
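The two technical points in this story, what a salt changes about a leaked SHA-1 table and what "adding salts as users log in" does and does not cover, as an added Python example. This is not code from the article, from LinkedIn or from Sophos; the user names, passwords, salts and attacker wordlist are constructed for illustration, and SHA-1 is kept only because it is the algorithm at issue.

```python
"""Added example, not code from the article or from LinkedIn: what a salt
changes about a leaked SHA-1 password table, and what "salting as users
log in" does and does not cover. Every user, password, salt and
dictionary word here is constructed for illustration."""
from __future__ import annotations

import hashlib
import hmac
import secrets

# Constructed attacker wordlist. Real wordlists hold millions of entries;
# the cost comparison below scales the same way.
WORDLIST = ["password", "linkedin", "123456", "letmein", "qwerty", "dragon"]


def sha1_unsalted(password: str) -> str:
    """The leaked scheme: hex(SHA-1(password)) with no per-user salt."""
    return hashlib.sha1(password.encode()).hexdigest()


def sha1_salted(password: str, salt: bytes) -> str:
    """Random per-user salt prepended before hashing.

    A salt makes each user's hash unique and defeats precomputed tables,
    but SHA-1 is still fast, so every guess costs the attacker one cheap
    hash. A deliberately slow KDF (PBKDF2, bcrypt, scrypt) plus a salt is
    the practice to aim for; SHA-1 is kept here only to match the article.
    """
    return hashlib.sha1(salt + password.encode()).hexdigest()


def crack_unsalted(table: dict[str, str]) -> tuple[dict[str, str], int]:
    """Dictionary attack on an unsalted table.

    Hash each word once and look every user up in the result: identical
    passwords share a hash, so one pass covers all users. Returns the
    cracked user -> password map and the number of hashes computed.
    """
    hash_to_word = {sha1_unsalted(w): w for w in WORDLIST}
    cracked = {u: hash_to_word[h] for u, h in table.items() if h in hash_to_word}
    return cracked, len(WORDLIST)


def crack_salted(table: dict[str, tuple[bytes, str]]) -> tuple[dict[str, str], int]:
    """Same attack on a salted table: the wordlist is re-hashed per user,
    so the work grows with users x words instead of words alone."""
    cracked: dict[str, str] = {}
    work = 0
    for user, (salt, stored) in table.items():
        for word in WORDLIST:
            work += 1
            if hmac.compare_digest(sha1_salted(word, salt), stored):
                cracked[user] = word
                break
    return cracked, work


def login_and_upgrade(store: dict[str, tuple[str, bytes | None, str]],
                      user: str, password: str) -> bool:
    """Verify a login and, on success, replace an unsalted record with a
    salted one. The upgrade needs the plaintext the user just typed, so
    accounts that never log in keep their unsalted SHA-1 (Wisniewski's
    "not all of them are salted" case)."""
    record = store.get(user)
    if record is None:
        return False
    scheme, salt, stored = record
    if scheme == "sha1":
        if not hmac.compare_digest(sha1_unsalted(password), stored):
            return False
        salt = secrets.token_bytes(16)
        store[user] = ("sha1+salt", salt, sha1_salted(password, salt))
        return True
    return hmac.compare_digest(sha1_salted(password, salt), stored)


def unsalted_fraction(store: dict[str, tuple[str, bytes | None, str]]) -> float:
    """Share of accounts still carrying an unsalted hash."""
    return sum(1 for scheme, _, _ in store.values() if scheme == "sha1") / len(store)


def build_tables(users: dict[str, str]):
    """Constructed user table rendered three ways: unsalted, salted, and a
    login-upgrade store that starts out fully unsalted."""
    unsalted = {u: sha1_unsalted(p) for u, p in users.items()}
    salted: dict[str, tuple[bytes, str]] = {}
    for u, p in users.items():
        salt = secrets.token_bytes(16)
        salted[u] = (salt, sha1_salted(p, salt))
    store = {u: ("sha1", None, h) for u, h in unsalted.items()}
    return unsalted, salted, store


# Constructed accounts; two of them share a password on purpose.
USERS = {"alice": "password", "bob": "password", "carol": "dragon", "dave": "Tr0ub4dor&3"}

if __name__ == "__main__":
    unsalted, salted, store = build_tables(USERS)
    print("alice/bob share an unsalted hash:", unsalted["alice"] == unsalted["bob"])
    print("unsalted crack:", crack_unsalted(unsalted))
    print("salted crack:  ", crack_salted(salted))
    login_and_upgrade(store, "alice", "password")
    print("fraction still unsalted after alice logs in:", unsalted_fraction(store))
```

Running it shows the two things the article gestures at: the unsalted table is cracked with six hashes for all users at once (and alice and bob are visibly the same password), while the salted table costs a full wordlist pass per account; and after one member logs in, three of the four records are still unsalted, which is exactly why a claim that the whole production database "is now salted" raises the question of where the plaintext came from.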