We got another look at our increasingly wired world last week thanks to Russian computer hackers who exposed more than 6.5 million LinkedIn passwords and posted them online. If your password was among the unlucky millions, LinkedIn will be sending you an email with instructions to reset it.
It took most of the day for LinkedIn to confirm the security breach, even though mainstream and digital media had been reporting the incident for much of the day. In a blog post, the company also apologized.
“We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously.”
Personally, I’m glad LinkedIn takes my security seriously. Even though I haven’t received an email, I think I will reset my password anyway. And that got me thinking… I’m going to have to reset A LOT of passwords. And I bet I am not alone!
Security experts will cringe at my confession here but I use the same password for several sites. Yep, I am guilty of sacrificing security for simplicity. But I don’t think I’m alone in doing this either because our brains are filled with combinations of letters and numbers creating passwords for everything from PIN numbers for bank-accounts to email logins, e-commerce sites and social networking sites.
Ian Robertson, a professor of psychology at the Institute of Neuroscience and School of Psychology at Trinity College in Dublin, Ireland, did a study of this and had an interesting finding: the average person now has to remember five passwords, five PIN numbers, two number plates, three security ID numbers and three bank account numbers just to get through everyday life.
Brain hurting yet? There’s more. A 2007 study of Web users by Microsoft Research found that the average user has 6.5 Web passwords and that those passwords are used across multiple websites. The researchers also report each user has about 25 accounts that require passwords, and types an average of 8 passwords per day.
So what’s a tired person with a tired brain to do? Change your password first. Longer term? Ironically, Professor Robertson says the more we cheat and keep a list of passwords securely hidden somewhere or stored on your phone, the worse we will be at remembering passwords.
The brain is like a muscle: use it or lose it. In that sense it’s actually better to change your passwords every six months or so to exercise your brain and train it to remember. That way, when another fiasco like this LinkedIn password leak won’t send you scampering to change your online banking, Gmail, Facebook and other passwords due to overlap.
Of course you can also use a tool like Evernote, or secure websites such as Keepass or Dropbox. But of course, you need a password to get into them.