It was reported today that millions of LinkedIn passwordswere compromised.

If you have a LinkedIn account I recommend you changeyour password as soon as possible and not wait for LinkedIn to notify you. Youshould use a different password for every web site however if you used yourLinkedIn password on any other sites you should change the password on thosesites as well.

Updating Your Password on LinkedIn and Other AccountSecurity Best Practices

http://blog.linkedin.com/2012/06/06/updating-your-password-on-linkedin-and-other-account-security-best-practices/

http://preview.tinyurl.com/bszcxlk

I recommend you use KeePass (free utility) to manage allyour user ids and passwords. You can contact the TSO help desk for helpinstalling KeePass.

I have written a presentation Password Managementusing KeePass which can be found here:

http://www.cc.gatech.edu/~krwatson/presentations/passwordmanagementusingkeepass.zip

http://preview.tinyurl.com/88fastc

Here are some news articles about the compromisedpasswords:

Hacker Claims He Stole 4.5M LinkedIn Password Hashes

http://www.wired.com/threatlevel/2012/06/linkedin-passwords-stolen/

http://preview.tinyurl.com/7bru6sy

LinkedIn passwords in circulation - Update

http://www.h-online.com/security/news/item/LinkedIn-passwords-in-circulation-Update-1612022.html

http://preview.tinyurl.com/7syabps

LinkedIn has confirmed the compromise.

An Update on LinkedIn Member Passwords Compromised

http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/

http://preview.tinyurl.com/cxje9xo

Keith Watson

CoC Information Security Manager