[caption id="" align="alignleft" width="260" caption="LeakedIn"][/caption]Never 'check' your password. Change it!
The last few weeks, it came to light that some major websites were hacked and millions of passwords were leaked. LinkedIn is only one of them. A few hours later, a website appeared called LeakedIn, that allowed you to enter your password, they then encrypted it the way LinkedIn did, and compared it to the list of stolen passwords. A red light meant that your password was stolen.
There is something very wrong with checking if your password was leaked. First of all, who are these LeakedIn people? Could be a social engineering trick to get your password! Worse, they might be well-meaning but what about the bad guys compromising their website?
If there is credible news that a website you often visit has been hacked, and passwords leaked, use your bookmark to go to that website and change to a strong password or passphrase. And please note, if you get an email that looks like it is from one of your fave websites, states that you need to change your password, and has a link to click on, NEVER CLICK THE LINK. This is very likely a phishing email. Always use your own bookmark or type in the name of the site in your browser's address bar. That way you are sure you are on the actual site, instead of a fake. To end off, while you are at it, if you have used that same password on other sites, go there and change the password as well.
Yes, I know it is hard to keep track of all these sites and passwords, so we all tend to use the same password all over the place. That is a major no-no. Use a password manager that can generate secure passwords and automatically logs you in. I have been using lastpass for a few years and like it a lot.
lastpass:
The last few weeks, it came to light that some major websites were hacked and millions of passwords were leaked. LinkedIn is only one of them. A few hours later, a website appeared called LeakedIn, that allowed you to enter your password, they then encrypted it the way LinkedIn did, and compared it to the list of stolen passwords. A red light meant that your password was stolen.
There is something very wrong with checking if your password was leaked. First of all, who are these LeakedIn people? Could be a social engineering trick to get your password! Worse, they might be well-meaning but what about the bad guys compromising their website?
If there is credible news that a website you often visit has been hacked, and passwords leaked, use your bookmark to go to that website and change to a strong password or passphrase. And please note, if you get an email that looks like it is from one of your fave websites, states that you need to change your password, and has a link to click on, NEVER CLICK THE LINK. This is very likely a phishing email. Always use your own bookmark or type in the name of the site in your browser's address bar. That way you are sure you are on the actual site, instead of a fake. To end off, while you are at it, if you have used that same password on other sites, go there and change the password as well.
Yes, I know it is hard to keep track of all these sites and passwords, so we all tend to use the same password all over the place. That is a major no-no. Use a password manager that can generate secure passwords and automatically logs you in. I have been using lastpass for a few years and like it a lot.
lastpass: