The Great LinkedIn Leak

Initially, LinkedIn was in denial.  Finally, they did the right thing; they admitted that something might have gone wrong, and requested millions of their users to change their passwords.   I know firsthand because I received an email from them notifying me of ‘the possible issue’.  Naturally, I clicked on the link in said email, went online to LinkedIn and changed my password.  Well, rather, it was forced upon me; I was denied access into my account with my old password.

In spite of all this, I like the procedure LinkedIn adopted, as it quickly forced all the affected users to take action and, even if they didn’t take action, protected them anyway.

The problem here is, how many of you are using your LinkedIn password elsewhere?   Luckily I wasn’t; but I’m ready to bet many did.  Well, if you did,  change it everywhere you can, everywhere you remember using it.  Why?  When you lose a password, the issue isn’t so much with the account where you lost it, but it’s more to do with all your other accounts wherein you use that one same password.

I use a criteria of importance (or site prioritization, if you like) to overcome this issue; unimportant sites – I use a not so strong password; if it’s compromised and someone gets into those accounts, no much damage can come of it.  For the important places, I use a strong password.  But here lies the secondary issue; if I lose that password, I need to change it on all of them (which I did).

Password strength and protection are a long standing issue in IT security.  But then again, locks are a long standing issue in human history.  If you walk into a history museum, chances are very high that you’ll see some very odd looking locks and keys, testimony of humanity’s long standing attempt to secure certain places without blocking access for everybody.   But, wherever there’s a door, there’s a lock, which begs the natural situation wherein someone will likely attempt to open it.  We haven’t resolved this issue; no, not by a long shot.  We’ve only transposed it to cyberspace, made it of bits and bytes instead of iron and steel.  But the underlying concern remains unchanged.  If a place is important, protect it with a strong key.  Of course, you can’t be 100% certain you’ll be safe, but least you can make things difficult for the would-be perpetrator.