LinkedIn profileDerek Walter

LinkedIn beefs up account security with session management, detailed alerts

Professional networking site LinkedIn is rolling out new features that allow users to easily manage authenticated sessions across multiple devices and better understand what caused security-related changes on their accounts.

The site has added a new page under account settings called “See where you are logged in” that lists the user’s active sessions, complete with the corresponding location, IP (Internet Protocol) address, browser type and operating system.

Users often access their accounts from devices they don’t own, even though this is not a good security practice. Those devices can be a friend’s mobile phone or a public computer in a library. Unless they hit the sign out button when they’re done, an active session can remain open on that device allowing other users to later access their accounts.

LinkedIn’s new session management page gives users the opportunity to remotely close sessions that were unintentionally left opened on other devices.

The company is not the first large online service provider to add this capability though. Facebook introduced a similar feature in 2010 and Google has had it for Gmail since 2008.

LinkedIn has mostly played catch-up to other websites when it comes to account security features. Such was the case with two-factor authentication and full-session HTTPS (HTTP Secure).

Another improvement announced by the company this week is the addition of more detail in email notifications sent to users when security-related changes are made to their accounts, such as when their password is changed.

“The added information gives your more insight into when and where the account change took place, including the date and time and details on the device the changes were made on such as the browser it was running, the Operating System (OS), IP address, and approximate physical location,” said Madhu Gupta, LinkedIn’s head of security and privacy, in a blog post Wednesday.

The company also added a new account data export feature similar to the one offered by Google, Facebook and others.

“This single download will let you see all the data LinkedIn has stored on your account, including your updates, activity, IP records, searches, and more,” Gupta said.

Subscribe to the Security Watch Newsletter

Comments