It was reported in the news that 100 million LinkedIn Accounts were for sale on the Dark Web.
LinkedIn previously reset the passwords of those accounts they believed were compromised in 2012, but it seems many more accounts were compromised than previously believed.
LinkedIn's response should have been to reset all the users passwords and implemented better protection for the new passwords.
From a user perspective, we need to ensure we are using different passwords for each of our web services. Why? Well if your LinkedIn password is the same as your email provider, other social media accounts, cloud storage, etc, then the compromised password could be replayed into a number of websites and services to gain access to those.
Although it's not two-factor authentication, two-step verification will give some additional security to your LinkedIn account. Not only will this add security to your account, it's also free. The instructions to switch on two-step verification for LinkedIn is relatively straightforward.
Don't forget your other web accounts, as two step verification is available for Google, Facebook, Microsoft, Twitter and many other site. If the websites and services you use aren't taking your security seriously, should you be using them?
A Cyber Security professional, who currently holds EU GDPR Practitioner, CISSP, MCSE:Security and MCTS certifications.
No comments:
Post a Comment