LinkedIn adds location to password alerts, session kills and data export

LinkenIn Alert

LinkenIn Alert

LinkedIn has added new security features that play catch up with other social networks but also might have helped celebrities who were victims of this week’s iCloud account photo leak.

Being locked out of a LinkedIn account by a hacker who’s compromised it might not have the same impact as hacked iCloud account. The hacker, for example, can’t brick an iPhone and most likely won’t be able to steal sensitive selfies. But a compromised LinkedIn account for those that use the service is nonetheless unwanted and if there is a way to see whether a device that is not near you is logged in, ideally you could log them out and change your password.

LinkedIn on Wednesday rolled out a new feature that offers a way for members to see when when they’re logged in to multiple devices. A new link to a “sessions” in the “settings” page on LinkedIn tells users how many sessions they’re signed into. It includes details about current sessions, the browser name, operating system, carrier and IP address, which is used to give an approximate location of the device through which the session is occurring.

While it could be useful, the new feature simply brings LinkedIn up to par with the same capability that Facebook introduced in 2010, following a Facebook notifications feature that let users approve devices to be used for Facebook and was coupled with alerts when an account is accessed from a unapproved device.

Similar to LinkedIn’s feature, Gmail users can see when they’re signed into concurrent sessions and sign out of all of them at once. Apple’s iCloud doesn’t show when concurrent sessions are in use, but it does let users sign out of all browser sessions. 

LinkedIn has also spruced up its password change email alerts. Like many online services, LinkedIn sends an email to the registered address when a password reset has initiated, and when it has been changed.

LinkedIn now provides the date and time and details on the device the changes were made on, such as the browser it was running, the operating system, IP address, and approximate physical location. Maybe it’s useful to know when and where you changed your password, or conversely, to know that someone, somewhere not where you were has changed your password. Either way, it adds some context to the standard email alert.

“The added information gives your more insight into when and where the account change took place,” explained Madhu Gupta, LinkedIn’s head of security, privacy and customer service products.

Finally, LinkedIn is following steps by Facebook and Google to let users download their data.

“So we’ve added the ability to easily export all of your LinkedIn data with one click. This single download will let you see all the data LinkedIn has stored on your account, including your updates, activity, IP records, searches, and more,” wrote Gupta.

What she didn’t mention though was that it may take 72 hours for LinkedIn to compile the archive. Still, it offers data that is otherwise inaccessible, including activity, and account history, such as who invited you to join LinkedIn, to the time of your latest login. Here’s the help page that explains how to do it. 

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags LinkedIn adds locationLinkedInMadhu GuptaCSOsocial networksoperating systemsGmailFacebook securityEnex TestLabGooglepassword alertssecurity featuresdirectors for CSOiCloud hacked72 hour archiveCSO AustraliaiCloudiCloud account photo leak

More about AppleCSOEnex TestLabFacebookGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place