theGinsue
06-08-2012, 23:19
So, I just read this article on Yahoo News that on June 6th, 2012, Russian Hackers compromised 6.5 million account passwords. I have an account there as I know many of you do as well. I went & changed my password and then checked this site to see if me old password was one of those compromised - it was. This is particularly bad for those who use the same password on multiple sites.
Sadly, this is the FIRST I've heard of this situation as LinkedIn has been unusually quiet about this security breach.
If you have a LinkedIn Account, go change your password then check out your old one at the link provided in the article (last paragraph) to see if you were one of those compromised.
Your password was one of the ones that was compromised.
We strongly recommend that you follow our recommendations above and immediately change your LinkedIn and related passwords!!
Yahoo News Article:
(Source:http://news.yahoo.com/blogs/technology-blog/linkedin-last-fm-bounce-back-compromised-password-152555403.html)
No matter what way you look at it, it's been a rough week for online account security. First, LinkedIn revealed (http://www.tecca.com/news/2012/06/06/linkedin-password-leak-hacker/) that a whopping 6.5 million account passwords were compromised by Russian hackers. Then, social music portal Last.fm put out a warning to its entire userbase (http://www.tecca.com/news/2012/06/07/last-fm-password-breach/) that their accounts may, too, have been compromised. Overall, an estimated 30 million people have been affected by the unfortunate events.
First things first
If you have a LinkedIn or Last.fm account and haven't yet changed your login details, the very first thing you need to do is update your password(s). The process is extremely simple for both sites: Simply log in using your existing username and password, navigate to the preferences (or settings) menu, and input your new password. Save the changes, and you're set to go.
Pick a password that you can remember, but not something that is a common word or phrase. Many sites will now require you to use numbers, capital letters, or even odd, non-alphanumeric characters in your password (http://www.tecca.com/tips-and-tricks/keep-your-passwords-safe-and-hidden/). While it may seem like a nuisance, this practice does help make your account more secure. Here are some tips everyone should use as a starting point for creating a strong password:
Do pick a complex combination of words with no relation to one another
Do include numbers, capital letters, and other characters when possible
Do pick a password you can remember without having to write it down
Do change your password frequently, or any time you feel your account may be the victim of a breach
Do not use names, specifically those of family members
Do not use common phrases or short passwords
Do not use the same password for multiple sites
Do not tell anyone your password under any circumstances
Do not rely solely on password managers to handle your info, they can be breached as well (http://www.tecca.com/news/2011/05/05/lastpass-password-security-breach/)
A word of warning: If you think you're being creative or ultra-sneaky by using a well-known password, but with a few numbers swapped in for letters, you better think again. Modern password-cracking software used by identity thieves can account for alterations such as this, and you're actually better off making your password longer, with a complex phrase you made up on the spot.
Were you a victim?
After you've changed your password — and only after you've changed it — you can check whether or not your account was actually part of the LinkedIn hacker breach. Online security company LastPass has set up a tool (https://lastpass.com/linkedin/) that can check whether or not your password was one of the 6.5 million seized by the scammers. Simply type your old password into the box and click "Test my password" to find out if you were one of the ones affected.
Sadly, this is the FIRST I've heard of this situation as LinkedIn has been unusually quiet about this security breach.
If you have a LinkedIn Account, go change your password then check out your old one at the link provided in the article (last paragraph) to see if you were one of those compromised.
Your password was one of the ones that was compromised.
We strongly recommend that you follow our recommendations above and immediately change your LinkedIn and related passwords!!
Yahoo News Article:
(Source:http://news.yahoo.com/blogs/technology-blog/linkedin-last-fm-bounce-back-compromised-password-152555403.html)
No matter what way you look at it, it's been a rough week for online account security. First, LinkedIn revealed (http://www.tecca.com/news/2012/06/06/linkedin-password-leak-hacker/) that a whopping 6.5 million account passwords were compromised by Russian hackers. Then, social music portal Last.fm put out a warning to its entire userbase (http://www.tecca.com/news/2012/06/07/last-fm-password-breach/) that their accounts may, too, have been compromised. Overall, an estimated 30 million people have been affected by the unfortunate events.
First things first
If you have a LinkedIn or Last.fm account and haven't yet changed your login details, the very first thing you need to do is update your password(s). The process is extremely simple for both sites: Simply log in using your existing username and password, navigate to the preferences (or settings) menu, and input your new password. Save the changes, and you're set to go.
Pick a password that you can remember, but not something that is a common word or phrase. Many sites will now require you to use numbers, capital letters, or even odd, non-alphanumeric characters in your password (http://www.tecca.com/tips-and-tricks/keep-your-passwords-safe-and-hidden/). While it may seem like a nuisance, this practice does help make your account more secure. Here are some tips everyone should use as a starting point for creating a strong password:
Do pick a complex combination of words with no relation to one another
Do include numbers, capital letters, and other characters when possible
Do pick a password you can remember without having to write it down
Do change your password frequently, or any time you feel your account may be the victim of a breach
Do not use names, specifically those of family members
Do not use common phrases or short passwords
Do not use the same password for multiple sites
Do not tell anyone your password under any circumstances
Do not rely solely on password managers to handle your info, they can be breached as well (http://www.tecca.com/news/2011/05/05/lastpass-password-security-breach/)
A word of warning: If you think you're being creative or ultra-sneaky by using a well-known password, but with a few numbers swapped in for letters, you better think again. Modern password-cracking software used by identity thieves can account for alterations such as this, and you're actually better off making your password longer, with a complex phrase you made up on the spot.
Were you a victim?
After you've changed your password — and only after you've changed it — you can check whether or not your account was actually part of the LinkedIn hacker breach. Online security company LastPass has set up a tool (https://lastpass.com/linkedin/) that can check whether or not your password was one of the 6.5 million seized by the scammers. Simply type your old password into the box and click "Test my password" to find out if you were one of the ones affected.