As you may have heard in the news, LinkedIn has confirmed that over 6 million user passwords have been compromised and posted online. While it does not appear that associated email addresses were included in the leaked data, there is still a risk if you use the same password across many websites, including the McGill and your home network.
If you are a LinkedIn user, you should change your password as soon as possible, keeping in mind the guidelines below. If you were using the same LinkedIn password for other websites, email accounts, etc., make sure to change them to unique passwords immediately!
Whether you are or aren’t a LinkedIn user, we strongly recommend you follow the following strong password guidelines:
- Never use the same username and password on multiple websites, devices and networks. It’s like having a skeleton key that opens every door; once hackers have account information for you, they can try to use it on many other sites.
- Don’t use a word that can be found in the dictionary. It’s relatively easy for hackers to gain access to accounts that use a dictionary word or common word as a password.
- Create a password that contains at least 8 characters if possible, with letters, numbers, symbols and spaces.
- Use letters in both upper and lowercase. Usually, the longer the password is, the better it is. Restrictions vary by operating system and application.
- Insert characters and digits in the middle of words instead of the end or the beginning (ex: pa$$w0rd is better than $password0).
For more information, see the article on Strong Passwords in the IT Knowledge Base.