You will have probably seen the blanket media coverage this week of LinkedIn getting hacked and losing six million passwords. And rumors are already starting to spread around the web that these passwords are already being used by hackers in phishing attacks, targeting users for their financial details by installing malware.
Luckily, security company Lastpass (who I personally recommend for password management) have released a handy tool that lets you check if your password was on the list of those passwords that we're hacked.
Lastpass insist the tool is totally safe as they take the SHA-1 hash password and send it to a database of the 6.5 million passwords (which is public for all to easily decrypt anyway) and queries if yours is one of the unlucky ones.
Although the service is totally secure, we recommend that no matter what happens today, you start by changing your password not just on LinkedIn, but any other site that uses the same password.
Want to check if your password was hacked?
If you want to check if your password is included on the list that has been circulating the internet, the first step you should take is to change your password immediately. You should have a look through your account and remove any sensitive information you might have on it, especially if it’s the likes of private messages.
Then visit LastPass https://lastpass.com/linkedin/ and enter your password.
The form will then encrypt your password into the standard used by LinkedIn and query the released passwords to see if your password is there.
If your password is not included in the list, you will see.