I have been seeing news over the past couple days about the brute force attacks on LinkedIn accounts. It should go without saying that you should have good password practices when it comes to your accounts and you should always try to set up a MFA when available. I have found a password manager to be indispensable in permitting me to generate highly complex passwords and enter them easily between my devices (don’t you hate entering a 35+ character complex password manually on you phone). Between all the accounts used for my eCommerce businesses, my accounts in consulting, and my personal, I have too many to try to keep track of without a vault/manager.
If you have not changed you password to something complex for LinkedIn, let this be your wakeup call to do so. And while you are at it, you may want to consider adding 2FA to your account to help stop a brute force attack. Some things I experienced changing my account Wednesday…
I tried changing the password on my PC through Chrome to a 30+ character complex password and kept getting an error that the password was too short. Went to 40+ and got the error, went to 15 and got the error, removed complexity and got the error.
At that point I went to my phone to try and my password would not work anymore. All other browsers stopped working, however the original chrome profile I was using continued to log me in all day Wednesday and Thursday.
I was not satisfied with not knowing which complex password cached so I did a password change through “Forgot Password” and it worked fine for me. However, if you run into that, make sure you have access to the email account for the password reset and that your account was not compromised already.
If you want to read more about the compromise, I found this article to be good.