Please change your linkedin passwords now. I mean right now.

LI confirms that “some of the passwords that were compromised correspond to LinkedIn accounts.”

Please change your linkedin passwords now. I mean right now. If you are one that uses the same password across multiple sites, you should do a review of your passwords immediately. If the linkedin password was shared across sites, those passwords should be changed right now. If your linkedin password resembles your work credentials, change them. Change them all. Right now.

Unfortunately users rarely take password security seriously. It has been shown that most users user one password for all their accounts. That’s a problem when a breach like this linked loss of 6.5 million passwords occurs.  The attacker is a worthy opponent.   They know what to do.  The hacker that stole this information has already gotten in to some bank accounts and stolen hard earned cash.

Don’t be a victim.  Change any password you instinctively know is just too simple.  Use minimum of 9 characters with caps, numbers and special characters.  Use Lastpass.com to remember them all. It’s an excellent tool and it works.  Add a yubikey for two-factor authentication. Google Authenticator is great also and uses your cell phone as a second factor.  Most email services can use SMS verification so that accessing your email always requires the password, and a code delivered via your cell phone.   See this article at coding horror for a good tutorial on that.

If you think your pass is strong, Run a MD5 and SHA1 hash of your passwords and search google for those hashes.  If any hits come back, change your password(s).  NOW!  If you’re not sure what I’m talking about, here’s a tool on my website to help you:  http://emsy.us/hash

Yampolskiy created a tool that checks your password against the list of known cracked passwords(about 160k of 6.5 million).  You can check if your password has been affected here.  Check out his blog post on the topic.

Lastpass has also offered a tool to check if your linkedin password was compromised.

Should you use any of these tools to check if you password has been hacked?  If you don’t, you may never know.  Why not change the linkedin password, and then check it.  You should be changing passwords regularly anyway right?

The days of being secure using a password are long gone.  Today, at the very least, you should be using complex passwords of minimum 9 characters, preferably randomly generated, with a second factor authentication.

Please comment, call or email anytime if you have questions about all this.

 

 

 

Tags: , , , , , , , , , , ,

If you enjoyed this article, get new ones by email (it's free).

Email:

You can unsubscribe anytime and we will never share or sell your email address.



Leave a Reply