I was very disturbed last week to read that hackers had ditributed the results of an excursion into the LinkedIn site.
My password was potentially one of those that had been published by the perpetrators. Now LinkedIn is one of the sites that I use quite a lot in business and I did not want some person hacking into my profile and messing with almost 10 years of carefully crafted biography and a list of people who have influence or have influenced me.
I immdeiately changed the password. This is a major irritation as I use an algorithm to create my password for each site I use. The algorithm, DBS Password Algorithm (DPA) is always the same but the result creates a site specific password and most importantly with the potential for "old timers" increasing, I don't need to remember the password just the algorithm. Password reluctantly changed using the now called Modified DBS Password Algorithm (MDPA)
I did some more research and found that one enterprising organisation had created an application that took your LinkedIn password and checked the hash value to see if it was on the list.
I checked out the company and it seemed reputable but I was a little scared to put in a pssword that I had used. Maybe this site was just using a clever marketing app to get you to buy their product.
I went to it here and decided to try it with one of my other passwords. Chose my work log in password that complies with DPA and DPA generates a strong password. Negative so I started to have some belief in the application and the company. I next put in my old LinkedIn password. Red appeared on the screen. Mine was one of the compromised passwords.
To make sure I did try it a couple of times and got the same result. I then tried the new MDPA generated password and it came up negative.
Yes I am glad that my password is now changed but the fact that the site was hacked is worrying. On the bright side I am glad that the hackers released their results as it alerted all Linkedin users to change their password. on the negative side if they hadn't hacked I would only have to remember one algoritm not two.
Still the lesson is you can't be too careful out there!