The LinkedIn Password Theft

by | Jun/26/2012

News stories started announcing on June 6, 2012 that 6.5 million Linked In passwords were stolen. This is just another reason to use secure passwords, change them often, and to use different passwords at each web site. Of course, you probably won’t do this because it is too much trouble, unless…

You can help solve the problem of using different passwords on each site and still remembering the passwords by using a password manager.

Password managers, in theory, remember all of your passwords for you. You only need to remember a single password – the password for your password manager.

There are also password manager “apps” for portable devices.

For home, there are several options including KeePass or the ever-popular roboform. Apple includes Keychain as part of the operating system.

Are password managers secure? First of all, they almost have to be more secure than users who use the same password at every site, have never changed it, perhaps have given the “secret” password to others or even have the password written proverbial yellow sticky note on their monitor.

What about allowing your browser, such as IE, Firefox, Chrome, or Opera, to remember your passwords for you? In certain conditions it is easier for attackers who are outside of your network to access the password storage feature in browsers than in a password manager.

What about recording passwords in an encrypted spreadsheet or document stored on the computer? The main problem is that such storage is less convenient to use. That means it may not be used. If you do choose this route, be sure to name the encrypted file something other than “my passwords.” As an example, you might name the file, “my list of unmatched socks.”

When setting passwords, make them long. Learn more about password security on this post.

For the office, talk to your IT department to see what password management tools they will approve for use on your network.

In any case, if you haven’t already, change your LinkedIn password. It is good practice to change the passwords frequently for your most important sites. You may decide that changing the passwords every 30 days is best for you. Change your passwords for your important sites at least every 90 days.

Please post your comments below