What We Learned From LinkedIn’s Hack: Tips for Password Security
You’ve probably heard all about the hack of over six million LinkedIn members’ passwords last Monday and ten thousand Twitter accounts more recently. In case you haven’t, you can check to see if your password was compromised here. Even if your password wasn't one of the millions that were compromised, it's still a good idea to change it.
If you use the same password for all of your accounts (which is extremely ill-advised) you should change those as well. Using strong passwords doesn’t just apply to LinkedIn and Twitter. It’s important to remember to use strong passwords on all your accounts. Strong passwords consist of at least eight characters and include letters, numbers and/or symbols. Changing your password often is also important. Some companies require employees to change their password every few months, but if yours doesn’t, you should remember to do it anyway.
Most of us have multiple social media accounts and other logins associated with our jobs. Passwords that protect confidential company information are even more important to keep safe. Creating strong passwords that vary aren’t the only things you should be doing. Here are a few tips to keep passwords out of the wrong hands:
- Don’t Leave Passwords Lying Around: Lock them up in a file cabinet, your desk or other safe storage device. Just don’t write them on a sticky note and ‘hide’ it under your keyboard or leave it in a desk drawer.
- Don’t Give Your Password to Others: If someone absolutely must have access to your account, change your password before you give it to them, and change it back when they are finished.
- Never Give out Your Password in an Email: No reputable organization will request your password in an email. If you receive this type of email, it’s almost certainly a scam. If you believe the sender to be legitimate, call the company’s customer service representative and check before you give them a password. Most importantly, never, ever follow a link in an email pointing to a site which requires a login.
- Don’t use the Default Password: If you’re assigned a username and password, you may not be able to change the username, but you definitely should change the password unless it’s a hard requirement that you keep the assigned one.
- Change reset passwords: Forgot your password? This can usually be fixed with a call to tech support or by clicking the ‘Forgot Password?’ link and having the site send you a new one. When you get back into your account, change the password to something else immediately.
- Don't use computers at Internet cafes or in hotel business centers: Or if you do, don’t visit sites that require a login. Computers at internet cafes or hotels are full of adware, spyware, keyloggers and other types of malware that usually aren’t apparent to users.
All of these things could provide another person access to your accounts.
A few more password pitfalls to avoid are: passwords with words spelled backwards, common abbreviations and misspellings. Passwords with personal information like pet names, birthdays and nicknames are also weak.
If you’re worried about forgetting multiple passwords, there are many services like KeePass, 1Pass and LastPass that will securely store your passwords for you. If you’re unsure if your password is complex enough, you can check the strength of your password here.
Are there any password security tips we forgot? Let us know on Facebook, Twitter, or in the comments section below.
For more on social media, read:
Facebook in the News: 3 Tips for Successful Mergers and Acquisitions
Fired Over Facebook!
Think Before You Tweet: Don't Let Twitter Cost You Your Job