Late last week the story broke that nearly six and a half million LinkedIn account passwords has been stolen and leaked on the Internet. It turned out that two other sites, eHarmoney.com and last.fm were also hit and had account security breached. LinkedIn’s Vicente Silveira says that those members who had their passwords leaked should have already been notified by email by now. So if you haven’t heard anything from Linked about your account being breached, you’re probably in the clear.

How much are your stolen web passwords worth to online criminals? Bloomberg reported that criminals were selling the access codes to LinkedIn accounts for as little as one dollar. This is in contrast to online banking passwords which can go for anywhere from $15 to $850 each. While hacked social media accounts generally have no access to money, a leak is still serious because the personal information thieves gain about you can make it much easier for someone to steal your identity online.

How to protect your online passwords

Choose strong passwords to begin with. Choose a combination of upper and lowercase letters, numbers and symbols such as %@#. Common names and common nouns are among the weakest passwords.

Don’t make your password easy to guess. Don’t use the name of your kids, pet, or spouse. Phone numbers, addresses and birthdates are also poor choices.

Don’t pick passwords that are made up of patterns on the keyboard. Qwerty and 123456 are amongst the most common passwords used and the easiest to guess.

Don’t use the same password for every site. This can be challenging, because we all have so many online accounts to manage now. However, if your LinkedIn account password was hacked last week, and you’ve used the same one for your online banking, email and other sites, those accounts could now be at risk too.

The most common passwords (not to use)

SplashData published a list of the 25 worst passwords taken from millions that were stolen and posted online by hackers. Predictably, the worst offender of the bunch was simply the word ‘password.’ Family members’ names, common words, keyboard patterns and sequences of numbers round out the weakest passwords.

The 25 weakest?

  • password
  • 123456
  • 12345678
  • qwerty
  • abc123
  • monkey
  • 1234567
  • letmein
  • trustno1
  • dragon
  • baseball
  • 111111
  • iloveyou
  • master
  • sunshine
  • ashley
  • bailey
  • passw0rd
  • shadow
  • 123123
  • 654321
  • superman
  • qazwsx
  • michael
  • football

 

Get creative. Think up phrases and word/number/symbol combinations that are not easy to guess, but that you can remember. A password that is so complicated that you can’t remember it yourself isn’t very useful either.

 

Peter Harris

Peter Harris on Twitter