LinkedIn has confirmed a breach of millions of passwords. Now's the time to think about the security of all your online accounts.
News of millions of LinkedIn passwords leaked through a user on a Russian forum is scary enough. It's important not to let the situation get worse. Be proactive about protecting your other accounts, particularly if they have the same password.
If that's the case, it's time to change it, Jeremiah Grossman of WhiteHat Security said in an email to CNET.
He offered a few tips via a blog post on how not to get hacked on the web.
"You wouldn't have the same key for your home, car, office, safe, etc," Grossman wrote. "For the same reason you shouldn't use the same password for all your online accounts."
He recommends picking passwords that are hard to guess, are not found in the dictionary, are six characters or more in length and have a mix of numbers and letters. Two examples are y77Vj6t and JX0r21b.
Since multiple passwords can be hard to remember, you can write them down on a piece of paper that fits in your wallet, or on index cards that can be locked in your desk. Or you can use a password manager, which is software that stores your passwords and encrypts the data, Grossman suggested.
Chris Wysopal of Veracode said it's also good to keep a password manager, like the Password Wallet app, on your phone, so you can access your passwords easily if you are away from your computer. Additionally, he said that it's important to change passwords if they have similar patterns. For instance, he said that one of the hacked passwords he saw was "scottlinkedin", which could potentially be a security risk for Scott's other accounts.
"Someone might go to Facebook and try 'scottfacebook'," he said. "It's good to have unique passwords for each one, but the pattern is so obvious, it's good to change the other passwords."
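The tips above expressed as a password-manager style audit, added here as an example (not code from the article or from anyone quoted in it): it applies Grossman's rules to each password and flags passwords that share a pattern once the site name is removed, as in Wysopal's "scottlinkedin" case. The function names, the tiny word list and the sample vault are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed stand-in for a real dictionary word list.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein"}


def rule_problems(password, service, username=""):
    """Check one password against the article's tips; empty list means it passed."""
    problems = []
    lowered = password.lower()
    if len(password) < 6:
        problems.append("shorter than six characters")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        problems.append("no mix of numbers and letters")
    if lowered in COMMON_WORDS:
        problems.append("dictionary word")
    # Context words that are easy to guess: the site name and the user's name.
    for label, token in (("service name", service), ("username", username)):
        if len(token) >= 3 and token.lower() in lowered:
            problems.append(f"contains the {label}")
    return problems


def template_of(password, service):
    """Replace the service name with a placeholder to expose the underlying pattern."""
    return re.sub(re.escape(service), "{site}", password, flags=re.IGNORECASE)


def audit_vault(vault, username=""):
    """vault maps service -> password. Returns (per-service problems, reused templates)."""
    problems = {s: rule_problems(p, s, username) for s, p in vault.items()}
    by_template = defaultdict(list)
    for service, password in vault.items():
        by_template[template_of(password, service).lower()].append(service)
    # A template shared by two or more services means one leak exposes the others,
    # whether it is an identical password or a "name + site" pattern.
    reused = {t: sorted(s) for t, s in by_template.items() if len(s) > 1}
    return problems, reused


if __name__ == "__main__":
    # Constructed sample vault; the passwords are the ones quoted in the article.
    sample = {"linkedin": "scottlinkedin", "facebook": "scottfacebook",
              "webmail": "y77Vj6t", "forum": "y77Vj6t", "bank": "JX0r21b"}
    issues, reused = audit_vault(sample, username="scott")
    for service in sample:
        print(service, issues[service] or "ok")
    print("reused patterns:", reused)
```

Any service listed under a reused pattern should get a new, unrelated password as soon as one of the others in that group is exposed.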