I don’t know about you, but the first thing I did after learning about the massive LinkedIn password hack was go to LinkedIn and change my password. The second thing I did was wonder if mine was actually one of the compromised accounts.
The problem is: LinkedIn isn’t telling you whether your password is at risk. The site’s news feature, LinkedIn Today, has the story (almost certainly as a result of an automated trending new algorithm), but the site itself has no warnings or means of checking.
That’s a little disappointing — not only because LinkedIn could be doing more to help its users — but also because many users (alas, I am among them) use the same password on multiple sites.
It’s stupid, it’s wrong, and it’s insecure, but we’re human. And, as VentureBeat’s own Sean Ludwig recently posted, when it comes to passwords we are all idiots.
So here’s how to check if your LinkedIn password was among the hacked accounts that are already being used to generate phishing attacks. Go to LastPass.com/linkedin:
Enter your password, and the website will tell you whether or not your password is now out in the wild. The obvious question: is it safe to give LastPass your password?
Here’s what the company says about their tool:
Only the hash of your password will be sent to LastPass.com’s servers, not your actual password. This hash will not be stored or logged at all. Please view source the page if you’re technically inclined.
LastPass is an privately held company based in Fairfax, Virginia. Launched in 2008 by current CEO Joe Siegrist, it generally has a good reputation, and its software has been reviewed by CNet and others.
One caveat: because the search will look through all the passwords in the file, if you have a very common word or password, it will come up as compromised. For example, here’s what LastPass shows when the all-too-common password “password” is entered:
This does not mean your account is compromised, necessarily. It does mean your password is too common and should be changed. Ultimately, of course, we should all be smarter about passwords and use a tool like LastPass or 1Password to make sure we have complex and unique passwords for every single service and site we use.
Image credit: ShutterStock
Design is determining the winners in everything mobile. The most successful players are focusing on one thing: How to make products, services, and devices as compelling and delightful as possible – visually, and experientially. MobileBeat 2012, July 10-11 in San Francisco , is assembling the most elite minds to debate how UI/UX is transforming every aspect of the mobile economy, and where the opportunities lie. Register here.