LinkedIn: Don’t just change your password, do this

Don’t just change your password, do this

I disagree with a lot of the sites that have made the simple recommendation to change your LinkedIn password. LinkedIn added the recommendations that users change passwords at other sites, change passwords often, and use greater complexity (more combinations of numbers, letters, characters and capitals). I’m going to go one step further and be very specific in my recommendations.

• Change your LinkedIn password to something new and unique. Make sure this password is not one you currently use, or will use on another site. This is to be known as your LinkedIn password and nothing else. If hackers still have access to the LinkedIn servers, this will prevent them capturing another shared password.
• Change the passwords on any and all sites or resources that shared your previous LinkedIn password. Make them complex and unique. If you have trouble remembering passwords, use a web-based tool like Last Pass (one example of many available). If you used that password inside your work environment anywhere, notify your administrators and have the password(s) changed immediately.
• Backup your LinkedIn connections. There’s an export feature on the site. Just in case your account is compromised further later, you’ll at least have that. Rebuilding the network is the most time-consuming task.
• Lock your credit reporting accounts. If you fear other accounts may have been compromised, and someone may have access to your personal information, you may want to contact your credit reporting agencies and ask them to lock inquiries on your accounts. This will prevent anyone from opening new fake credit or banking accounts in your name. This is for those of you that are paranoid or have a lot to lose.

See related links for more on the LinkedIn breach.

• Correcting colleagues on LinkedIn salting and hashing details
• Three reasons you care about the LinkedIn breach

# # #