CIO Matters

How to change your password after the LinkedIn hack

Wendy Schuchart, Site Editor

It's been a bad week for LinkedIn, the social network for professionals. First, we learned that its iOS app was copying entire meeting notes from its

    Requires Free Membership to View

calendar section and transmitting the information back to LinkedIn. Then news dropped on the LinkedIn hack. The company later admitted that millions of its user accounts were breached via password-hacking programs.

Wendy Schuchart

First and foremost: Before you read any further, change your LinkedIn password if you haven't already. Here's how to do it: Under your name in the upper right-hand corner, click "Settings," then click the "Accounts" tab. Select "Change Password" and enter your existing password. Then choose a new password that follows best security practices -- one with a combination of letters, numbers and symbols to make it less susceptible to password-hacking programs.

Less than a day after the attack, the phishing started, with copycat LinkedIn emails trying to lure unsuspecting users to download malware. CIOs may consider drafting an email to their own corporate social media users, advising them not to click on such emails from LinkedIn and, naturally, to change their passwords. Of course, it may already be too late. Nothing drives people to action like fear, and well-meaning employees might have gotten the phishing email and already triggered a malware deployment to their own machines. Time for an unscheduled full-system sweep and virus check.

Events like the LinkedIn hack are every CIOs nightmare -- it's that late night phone call that everyone dreads. It happened to LinkedIn this time, but it could happen to your organization next time. Sophisticated password-hacking programs are making it easier for savvy hackers to gain access and, sadly, users are still using passwords like 12345. On a system with a million users, hackers can break into thousands of accounts in a matter of minutes just by repeatedly trying variations of the most common passwords.

Following the hack, LinkedIn quickly put in place some updated security measures, like hashing and salting, which make password detection much less likely through password-hacking programs. The company still insists that its mobile app -- the one that grabs your meeting notes and sends them to LinkedIn -- is a feature instead of a data privacy violation. Thankfully, and unlike a password, it's a feature you can turn off -- or avoid completely.

Let us know what you think about the story; email Wendy Schuchart, Site Editor. For midmarket IT news and updates throughout the week, follow us on Twitter @ciomidmarket.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Expert Discussion

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest