Few Internet users realise that the world wide web is the most unsafe place in the world. It records every click you make, every site you visit and every tiny bit of information that you store – be it a text message, a photograph, an audio file, or a video report.
You are not anonymous on the web. Your every move can be tracked, and in fact, is being tracked. You may consider that your data is safe behind a password. But it is not.
Ask Linkedin, the world’s largest professional site. It suffered a “data theft” in 2012. It is only now – that is four years later – that the true scale of that “theft” is emerging. As many as 1.67 million accounts were compromised, and those logins and passwords are up for sale today.
Leakedsource.com mined and scraped the dark corners of the net and has put together a list of the passwords that the Linkedin members used . The passwords make you scratch your head in disbelief.
According to Leakedsource.com, as many as 753,305 Linkedin members used 123456 as their password. Either they didn’t care or they don’t know. Some of the other gems on that list as shown in the chart above are : linkedin, password, 123456789, 111111, 123456. For the full list of top 50 passwords that the members used visit Leakedsource.com.
Even a child could have cracked those passwords. Forget about professional hackers. What’s worse, after crafting such easily-hackable passwords, some of these members did not even bother to change them.
Now, Linkedin is desperately trying to do damage control. In an e-mail to its members, Linkedin says: “On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.”
If your account was one of those, you must change the password immediately. The information that was compromised, according to Linkedin, is: “Member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.”
You must also change any such naive passwords that you may have created on other social media or mail sites. Make sure that they are strong and safe.
Strong passwords
According to Microsoft, a strong password:
- Is at least eight characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Contains characters from each of the following four categories: uppercase letters (A, B, C), lowercase letters (a,b,c), numerals (1,2,3) and symbols (#%&).
Please follow these guidelines religiously. Also, make sure you change your password at regular intervals.