Passwords of Many LinkedIn Users stolen and published online

Posted on June 7, 2012

Passwords of many users of the Social networking site LinkedIn were stolen and they were published online.

LinkedIn is a professional social networking site, where users can post their resumes and connect with colleagues or industry contacts.

LinkedIn has confirmed the password leak and informed that the users whose passwords compromised will get email explaining the steps to reset their password.

LinkedIn has given below information in their blog post.

Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

And, LinkedIn has published another blog post for giving the details about the best practices for keeping the account safe.

This post suggests below things for Creating a Strong Password:

Variety – Don’t use the same password on all the sites you visit.
Don’t use a word from the dictionary.
Length – Select strong passwords that can’t easily be guessed with 10 or more characters.
Think of a meaningful phrase, song or quote and turn it into a complex password using the first letter of each word.
Complexity – Randomly add capital letters, punctuation or symbols.
Substitute numbers for letters that look similar (for example, substitute “0″ for “o” or “3″ for “E”.
Never give your password to others or write it down.

A user in a Russian forum informed that he has hacked and uploaded almost 6.5 million LinkedIn passwords. But he didn’t upload the username/email address details. So, it is not clear whether the hacker is having the list of usernames or just having the passwords alone. Anyway LinkedIn hasn’t given any details about how many accounts were compromised.

The passwords are stored as unsalted SHA-1 hashes. SHA-1 is a secure algorithm, but is not foolproof. LinkedIn could have made the passwords more secure by ‘salting’ the hashes, which involves merging the hashed password with another combination and then hashing for a second time. Even so, unless the password is a dictionary word, or very simple, it will take some time to crack.

Anyway, it is better to change your LinkedIn password now.

Watch the below Video to know the steps for changing the password of the LinkedIn account.

Find below the simple steps to change your LinkedIn account password.

Step 1

Mouse mover on your Name at top right corner and click “Settings” link.

Step 2

Click “Change” link located near “password”.

Step 3

Click “Change password” after entering old password and the new password.

If you don’t remember your old password, you can use the “forgot password” option in the sign-in page.

Share

Related News:

  1. Social Media plays important role in World Economics Forum Annual Meeting at Davos, Switcherland
  2. Apple Buys the Social Media Analytics Firm “Topsy”
  3. Taiwan fines Apple for dictating iPhone price to local carriers
  4. Update your Firefox browser to fix the vulnerability