LinkedIn breach sheds light on password vulnerabilities

credit: https://mobile.linkedin.com/

Screenshot from linkedin.com website

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

Business-oriented social networking site LinkedIn recently disclosed that its 2012 hacking episode affected 117 million users instead of the original estimate of 6.5 million. Chances are good that if you have a LinkedIn account, your password was compromised. Even more chilling is a report that these passwords have been put up for sale by nefarious characters on the Web. What, then, can you do to protect yourself against such evildoers?

First, even though it might seem like closing the barn door after the cows have fled, change your LinkedIn password. Then, consider implementing personal password practices to prevent against future hacking events. There is no “if” here; there will be future events.

Going forward, don’t use the same password for all of your logins. While this seems handy, the LinkedIn episode clearly illustrates the problem with this approach. If you used your LinkedIn password for your online banking, your bank account is now exposed.

Many folks use the same password for different sites because they fear forgetting that password. Don’t worry about that. Every single reputable website has an automated password recovery process that will allow you to reset your password in less than five minutes. Keep in mind that automated password recovery processes typically send you a temporary password. Change that one right away.

Speaking of change, make sure you change all your passwords regularly, at least once a quarter. Don’t reuse old passwords. We used to say don’t reuse the last five passwords, but the LinkedIn breach occurred in 2012 and those passwords are purportedly for sale today.

Just these few tips greatly increase the number of passwords you need to remember. Many folks use password manager software to help with this task. There are many free password management packages available today; a simple Google search will uncover these.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

The downside to password management software is that there is one master password for your password database. If that password was somehow compromised, then all of your passwords would be exposed. Furthermore, some password management applications store your passwords in the cloud, adding another potential level of exposure. If you do use password management software, make sure that it stores the data locally and also encrypts that data.

Sure, passwords are a pain to maintain, but for the time being they are a necessary evil. The bottom line is that there are several options to help ensure the security of your passwords. Doing nothing is not a good choice.

John Agsalud is an IT expert with more than 25 years of information technology experience. Reach him at johnagsalud@yahoo.com.