Hack concerns many LinkedIn users

June 6, 2012 12:00:00 AM PDT
A Russian hacker has reportedly broken into two of the busiest sites on the Internet. Altogether eight million passwords were posted on the web -- 1.5 million from eHarmony, the online dating site, and another 6.5 million passwords, stolen from the professional networking site LinkedIn. LinkedIn is based in Mountain View where they are scrambling to protect their millions of users.

If you linked-in, your password might have been leaked out. Online LinkedIn confirmed that some of the passwords that were compromised correspond to LinkedIn accounts.

"LinkedIn should have done a better job of protecting this user data and LinkedIn also did not use best practices for storing the passwords," said Dan Auerbach from the Electronic Frontier Foundation.

You can tell if your account was compromised if your current password will not work. LinkedIn says they'll send an email with instructions for resetting it. But the damage is done, likely making other banking or email accounts vulnerable.

Auerbach: I think the biggest problem today is that users use the same password on multiple websites and they use passwords that are too short.

Brinkley: You're saying you need a different password for every website you log onto?

Auerbach: In order to be secure the answer to that is yes.

And many of us are guilty of having weak passwords.

"I pretty much have the same password for all of my accounts," said LinkedIn user Eden Brown.

"I'll probably go ahead and change my password," said LinkedIn user Chuck Smuckler.

"Every time you write in your password, you're trusting those are going to be secure," said another man.

The experts suggest downloading software like KeePass or Keychain that keep track of all of your different passwords.

"Your security is only as strong as the weakest link and with the proliferation of web services, there's a lot more opportunities for the weakest link," said Auerbach.

And experts say your password should be a random sequence of 25 characters and you should have different random sequence of 25 characters for every website you touch. It seems overwhelming, but the direction the cyber security is moving in. You might even need a password to access all of your passwords.


Load Comments