6.5 Million LinkedIn Passwords Hacked
This post is a little different from the usual online marketing or pay-per-click management posts we typically have here at Kinsey Street, but it is an important one for our readers and clients nonetheless.
As reported on Mashable, about 6.5 million LinkedIn passwords have been hacked and leaked online. Mashable also has an article about how you can check your LinkedIn password to see if it is on the list of the 6.5 million that were hacked. The password checking tool is provided by LastPass and can be accessed here: https://lastpass.com/linkedin/
This is important stuff, so be sure to go check on the security of your LinkedIn password now before reading the rest of the post. Keep in mind that the tool merely checks what you type in against the list of hacked passwords that has been posted. It does not store your password, nor does it ask you for your login. However, you can never be too safe, so I do recommend being logged out of LinkedIn and using Chrome's Incognito feature when accessing the tool.
OK, did you check? Are you secure? No? Then change your password immediately and then read the rest of the post. Also, the password on any other account (Gmail, Yahoo mail, Twitter, Facebook, AdWords, etc.) where you use the same login and password needs to be changed as well.
All secure now? Good.
Now for a little fun with some enlightening and rather concerning results. Type the most common words you can think of into the tool and see if the password checking tool returns a match. Keep in mind that the password must contain 6 or more characters, so the word you type in will need to be at least that long as well.
Here are a few I typed in:
password – yes (Really? Someone uses ‘password’ as their password?)
password123 – yes (Well, at least this person added numbers.)
abc123 – yes
abcdef – yes
123456 – yes
qwerty – yes (A top of the keyboard favorite.)
linkedin – yes
google – yes
facebook – yes
monkey – yes
chicken – yes
pickles – yes
seattle – yes
houston – yes
seahawks – yes (Seattle’s football team.)
sounders – yes (Seattle’s soccer team.)
texans – yes (Houston’s football team.)
cheaptrick – yes (One of my favorite bands – and no, not my password.)
barackobama – yes (The 44th POTUS)
mittromney – no (hmmm, not sure if not used or if it wasn’t hacked.)
ronpaul – yes
democrat – yes
republican – yes
robert – yes
bubbles – yes
yahtzee – yes
Of all the entries I tried, all but two (mittromney and my own personal LinkedIn password) came back as being compromised. When you look at the passwords above, they have something in common: they are all simple words. Simple words DO NOT make effective passwords. Nor do simple number combinations.
What is really scary is that many people will use the same password and login information for their bank account as they do with their LinkedIn account.
If your own passwords fall into the above category but you were lucky enough not to be hacked, I encourage you to take the steps to change your passwords now.