LinkedIn confirms reports of millions of user passwords stolen – more than 60% cracked!
Following yesterday’s article amid rumours that 6.5 million passwords of LinkedIn users were stolen, these rumours have now officially been confirmed by LinkedIn.
In addition, Sophos Labs have identified that 3.5 million of these stolen passwords have already been cracked. That means that more than 60% of the stolen passwords have been published publicly online.
LinkedIn have published a statement on their official blog warning users that have been affected that their compromised password is no longer valid. These users should also receive an e-mail from LinkedIn with instructions to reset their password. The e-mail from LinkedIn will not contain any links but will provide step-by-step instruction to request password assistance.
User passwords will now also be stored in a stronger hash format to prevent any future compromises from cracking passwords so quickly. Unfortunately, the 6.5 million passwords that have already been stolen were not stored in this stronger hash format.
Don’t use the same password!
This is another example to reinforce the importance of not using the same password more than once. You can sign up to Passpack, which is a password manager that generates strong passwords and remembers them for you. Personal users can sign up for a free account that will manage up to 100 passwords for no cost.