LinkedIn password compromised? How to pick a secure replacement

If you are a user of social media, then the news that 6 million LinkedIn passwords have been compromised and posted online should be worrying. Not only could your reputation take a hit if someone decides to spoof your communications, but the implications could be far larger and more damaging still.

Because contrary to best practice, most people still use the same password for each of their online accounts. So if hackers get hold of that password via LinkedIn, they can then use it to get into your bank, PayPal, and Facebook accounts too. Obviously you need to (a) change your LinkedIn password and (b) come up with a new, yet memorable way to have unique passwords for each of your online accounts. 

Creating a new, secure password system

The first step to creating a secure password is to think of a common root phrase which will form the basis of all your passwords. Never, ever choose a family member’s name or similar as these are easily guessed and insecure. Instead try picking a line from a poem or your favourite song and abbreviating it. Say you elect for Feel Good Drag by Florida-based rockers Anberlin, taking the first line of the song (“I’m here for you she said“) it can be reduced to ihfyss. Good start, but not massively secure yet. Picture of a secure padlock

Next, replace any letters which look similar to numbers; in this case the letter s looks a bit like a 5 and an i looks like a 1, so when substituted, the root passphrase becomes 1hfy55. Being six characters in length, this password is relatively complex and enough to satisfy most login systems. However if used on every account, once compromised, all of your details are once again open to exploitation.

So to create unique passwords, take your root passphrase (1hfy55) and add the initial of the website. Thus your Amazon password becomes A1hfy55, PayPal is PP1hfy55 and LinkedIn can be L1hfy55 or LI1hfy55 according to your preference. So long as you remember the passphrase, the website name will remind you of the starting letters.

If you are feeling really brave and trust your memory, the password security can be improved further still by adding punctuation. An exclamation mark or similar at the beginning or end of the password makes it even harder to crack (LI1hfy55! or @LI1hfy55)

And then?

Now you have your new password system in place, all that remains is to actually change the passwords on your accounts. This may take some time, but will be well worth it in the long run!

P.S. Never, ever, ever write your root passphrase or other passwords down or you leave yourself open to theft.