LinkedIn adds location to password alerts, session kills and data export
- 04 September, 2014 12:59
LinkedIn has added new security features that play catch up with other social networks but also might have helped celebrities who were victims of this week’s iCloud account photo leak.
Being locked out of a LinkedIn account by a hacker who’s compromised it might not have the same impact as hacked iCloud account. The hacker, for example, can’t brick an iPhone and most likely won’t be able to steal sensitive selfies. But a compromised LinkedIn account for those that use the service is nonetheless unwanted and if there is a way to see whether a device that is not near you is logged in, ideally you could log them out and change your password.
LinkedIn on Wednesday rolled out a new feature that offers a way for members to see when when they’re logged in to multiple devices. A new link to a “sessions” in the “settings” page on LinkedIn tells users how many sessions they’re signed into. It includes details about current sessions, the browser name, operating system, carrier and IP address, which is used to give an approximate location of the device through which the session is occurring.
While it could be useful, the new feature simply brings LinkedIn up to par with the same capability that Facebook introduced in 2010, following a Facebook notifications feature that let users approve devices to be used for Facebook and was coupled with alerts when an account is accessed from a unapproved device.
Similar to LinkedIn’s feature, Gmail users can see when they’re signed into concurrent sessions and sign out of all of them at once. Apple’s iCloud doesn’t show when concurrent sessions are in use, but it does let users sign out of all browser sessions.
LinkedIn has also spruced up its password change email alerts. Like many online services, LinkedIn sends an email to the registered address when a password reset has initiated, and when it has been changed.
LinkedIn now provides the date and time and details on the device the changes were made on, such as the browser it was running, the operating system, IP address, and approximate physical location. Maybe it’s useful to know when and where you changed your password, or conversely, to know that someone, somewhere not where you were has changed your password. Either way, it adds some context to the standard email alert.
“The added information gives your more insight into when and where the account change took place,” explained Madhu Gupta, LinkedIn’s head of security, privacy and customer service products.
Finally, LinkedIn is following steps by Facebook and Google to let users download their data.
“So we’ve added the ability to easily export all of your LinkedIn data with one click. This single download will let you see all the data LinkedIn has stored on your account, including your updates, activity, IP records, searches, and more,” wrote Gupta.
What she didn’t mention though was that it may take 72 hours for LinkedIn to compile the archive. Still, it offers data that is otherwise inaccessible, including activity, and account history, such as who invited you to join LinkedIn, to the time of your latest login. Here’s the help page that explains how to do it.
This article is brought to you by Enex TestLab, content directors for CSO Australia.