Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

LinkedIn Member Passwords Compromised

[From the Linkedin Blog]

An Update on LinkedIn Member Passwords Compromised

June 6, 2012

We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts:

1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.

2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.

3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously. If you haven’t read it already it is worth checking out my earlier blog post today about updating your password and other account security best practices.

Advertisement - scroll to continue reading

--

Updating Your Password on LinkedIn and Other Account Security Best Practices

June 6, 2012

Our security team continues to investigate this morning’s reports of stolen passwords. At this time, we’re still unable to confirm that any security breach has occurred. You can stay informed of our progress by following us on Twitter @LinkedIn and @LinkedInNews.

While our investigation continues, we thought it would be a good idea to remind our members that one of the best ways to protect your privacy and security online is to craft a strong password, to change it frequently (at least once a quarter or every few months) and to not use the same password on multiple sites. Use this as an opportunity to review all of your account settings on LinkedIn and on other sites too. Remember, no matter what website you’re on, it’s important for you to make sure that you protect your account security and privacy.

Here are some account security and privacy best practices that we recommend for our members:

Changing Your Password:

• Never change your password by following a link in an email that you did not request, since those links might be compromised and redirect you to the wrong place.

• You can change your password from the LinkedIn Settings page.

• If you don’t remember your password, you can get password help by clicking on the Forgot password? link on the Sign in page.

• In order for passwords to be effective, you should aim to update your online account passwords every few months or at least once a quarter.

Creating a Strong Password:

• Variety – Don’t use the same password on all the sites you visit.

• Don’t use a word from the dictionary.

• Length – Select strong passwords that can’t easily be guessed with 10 or more characters.

• Think of a meaningful phrase, song or quote and turn it into a complex password using the first letter of each word.

• Complexity – Randomly add capital letters, punctuation or symbols.

• Substitute numbers for letters that look similar (for example, substitute “0 for “o” or “3 for “E”.

• Never give your password to others or write it down.

A few other account security and privacy best practices to keep in mind are:

• Sign out of your account after you use a publicly shared computer.

• Manage your account information and privacy settings from the Profile and Account sections of your Settings page.

• Keep your antivirus software up to date.

• Don’t put your email address, address or phone number in your profile’s Summary.

• Only connect to people you know and trust.

• Report any privacy issues to Customer Service.

ENDS


© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.