It has been a long week for online security.

LinkedIn, Last.fm, and eHarmony have reported that account passwords may have been compromised. In the case of LinkedIn, an estimated 6.5 million password hashes were publicly released, with many more possibly compromised. While Last.fm has not definitively confirmed that passwords have been compromised, they do suggest that all users change their passwords as soon as possible. eHarmony, on the other hand, joins LinkedIn in confirming a breach of security.

I happened to have accounts at both LinkedIn and Last.fm. While one of them was using a slightly older hand-generated password, the other had been regenerated using 1Password just last month when I signed in after a long absence. Since I began using 1Password around this time last year, my procedure has been to 'upgrade' hand-generated passwords to much more secure passwords when I log in to the service for the first time.

Good security practices paid off when I realized that even though both of those passwords should be considered compromised, I was absolutely certain that a compromise of the randomly-generated one did not put any other services at risk. 1Password (and other services like it, such as LastPass and KeePass) allows me to generate numerous passwords with pretty good entropy without having to worry about remembering them.

This written work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.