These things are becoming more commonplace than ever. With news swirling about a huge compromise of passwords on Linkedin – many are worried about whether they were one of the 6.5 million reported to have been affected by a serious break of LinkedIn’s security. Here’s a rundown of what you should do right away to protect yourself.

First, go to LinkedIn’s website and change your password. Others have commented on the difficulty in doing this anywhere but the website, so I suggest you do it there. You can get to your password settings by logging into your account and finding the settings page. When you get there, click on the “Change” link next to Password. Choose a good, unique password.

Next, you may want to know if your password  was actually compromised. Password storage tool maker Lastpass has made a tool available to test whether your password was actually compromised (go to the tool). You enter in your previous password to see if it was on the list of those compromised. Yes? Good, you’ve changed your password. No? Good, you’ve changed your password.

Alternatively, you can generate an SHA-1 password hash on your own and check for that hash in another database here.

It is also worth noting that the list of compromised passwords is only a partial one (with others not published), so in cases like these, you’ll just want to assume that ALL passwords were compromised (including yours) and start questioning how LinkedIn safeguards your data.

I generally recommend that if you are using that same password anywhere else – it would be smart to change that password in those locations too. If your password is known, it may be used on alternate sites to gain access. If you haven’t done so already, look into using some sort of password manager (see my favorite here). As a nice bonus, most of them can generate strong, unique passwords for every site you use.