LinkedIn Security Breach: Millions of Passwords Compromised and What You Should Do About It

17 June 2012

On June 6, 2012, LinkedIn announced publicly that it may have suffered a security breach that compromised the passwords of many of its members. On June 9th, they confirmed that the security breach definitely occurred and may have affected up to 6.5 million users. They say they are working with the FBI to track down the criminals involved.

Information You Should Know About This Breach

  • LinkedIn says that they have disabled the passwords of members they believe to have been at risk.
  • LinkedIn does not believe that the actual accounts have been breached because of the stolen passwords.
  • According to Rapid7.com, many of the passwords that were cracked were simple words like “link”, “god”, “work” and number patterns like 1234.

If Your Password Has Been Disabled

As mentioned, LinkedIn has disabled the passwords on the accounts they believe have been breached. You should have received an email notification on how to reset your password.

NOTE: There are no links in this official email, to help protect you from phishing attempts. You should never follow links in an email to reset your password if you didn’t specifically request it. Instead, if you got the email from LinkedIn, you should open your browser, go directly to LinkedIn.com and then follow the instructions on resetting your password.

If Your Password Has Not Been Disabled

Even if your password has not been disabled by LinkedIn, it’s still a good idea to change your password. Here is how to change your LinkedIn password:

Go to https://www.linkedin.com/uas/request-password-reset?trk=pwbanner to reset your password.

LinkedIn request password reset

You will then get a notice that tells you to check your email for a password reset link. 

LinkedIn password reset link

You CAN click on the link in this email because you specifically requested it. It will include the full name that you used for your LinkedIn account. The email will look something like this:

LinkedIn password reset email

Once you’ve clicked the link in the email, you’ll be taken to a page that asks you to enter and confirm a new password.

LinkedIn resetting password

Click “Reset Password” when you’re finished and the process will be complete. You will see the message below on the screen. You will also receive an email confirmation of the reset. 

LinkedIn successfully reset password

Tips for Secure Passwords

  • Use different characters and not just letters.
  • Capitalize a letter or two in your password.
  • Avoid keyboard patterns like 1234 and qwerty.
  • Avoid using a simple word or phrase that is easy to guess and never use a single word.
  • Always create a new password for each login you create.