SpirE-Journal 2012 Q3

Side Click: The problem with passwords


The hacker attack on LinkedIn has highlighted a burning issue which marketers should respond to when designing online platforms, such as loyalty accounts – the need to balance security against the danger of password fatigue.

Hacker attack on LinkedIn

Professional social networking website LinkedIn was hacked into on 5 June 2012, compromising 6.5 million users’ accounts or about 4 percent of LinkedIn’s 150 million-user database. Those affected by the attack were no longer able to access their accounts. LinkedIn took swift action to mitigate the situation by apologizing to its users, invalidating the affected accounts and resetting their passwords.


Despite the prompt corrective action taken, LinkedIn could face an uphill task in the coming months. Barely two weeks after the breach, it was slapped with a USD5 million lawsuit seeking class action status. In the longer term, major breaches may lead to scam emails and account takeovers, which in some cases will compromise credit card and bank account information. LinkedIn has enlisted the help of the FBI to investigate the hacking.

The importance of password protection

The LinkedIn breach has thrown into the spotlight the importance of password protection. Passwords are integral to almost everything we do online. They protect our identities and the sensitive information in online accounts, from social media to things like frequent flyer programs and loyalty program redemptions.

The rules of thumb for consumers to use passwords wisely should be well known but are all too often not followed:

Complexity: Randomly capitalize, as well as add punctuation and symbols

Variety: Do not use the same passwords for different websites

Length: Create strong passwords with at least 10 characters

Security: Never give your password to others or write it down

In search of the balance point between security and password fatigue

The onus is on both users and hosts (of social network or online membership sites) to ensure the security of passwords is not jeopardized.

However, time is increasingly the most scarce commodity of all. With most consumers having to manage many passwords and trying to avoid repeating passwords, password fatigue is a huge issue – to the extent that it may actually deter consumers from making use of online loyalty sites or subscriber content sites.

What should marketers who design such sites do?

Options to consider include:

Creating functionality that allows individuals to request information to be emailed to their email accounts without signing into the site

Allowing auto sign-ins from individual IP accounts

Allowing the use of biometric information or digital signatures for signing in

Above all, hosts have to ensure that their defenses are resilient enough to withstand malicious attacks, and encourage users to review their passwords frequently.
