What Anomalies Trigger The LinkedIn Sign-In Verification Challenge?

LinkedIn prompts users to take additional steps when it determines that the logon attempt is unusual. What activities does LinkedIn consider suspicious? This isn’t well documented, but here are a few possibilities.

According to LinkedIn, the service presents a security challenge when the user attempts to sign in “from an unfamiliar location or device” or when the service detects “suspicious web activity.” In this case, the user might be emailed a verification link or presented with a CAPTCHA challenge.

The security challenge could come up when the user accesses LinkedIn from a new country. In this case, the person would see:

“This sign-in attempt seems unusual for you. As a security precaution, please check your email to verify this sign-in attempt.”

The email message will explain, “Someone just tried to sign in to your LinkedIn account from an unfamiliar location, so we want to make sure it’s really you.” The email will specify the IP address and the country where the attempt originated. The recipient will be advised to click a button to verify the sign-in attempt or click another link to change the password.

Watch out, scammers might misuse this text for phishing!

LinkedIn also presents the verification prompt after an extended absence, according to one report on Twitter. Another sighting on Twitter suggests that LinkedIn might be checking for frequent login/logout actions from a single location, though the specifics of this logic are a bit unclear.

To reduce the likelihood that the sign-in verification prompt will come up, LinkedIn recommends against signing out “each time you use LinkedIn during the day.” Strangely, the service also suggests that “you sign out at the end of each day.” (I doubt that’s very practical advice.)
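The signals discussed above (new country, unfamiliar device, extended absence, frequent sign-ins from one location) can be combined into a simple challenge decision. The following is an added example, not LinkedIn's code or logic: the `SignIn` record, the `challenge_reasons` function, the thresholds and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed thresholds, chosen only for illustration.
ABSENCE = timedelta(days=90)        # "extended absence"
CHURN_WINDOW = timedelta(hours=24)  # look-back for repeated sign-ins
CHURN_LIMIT = 5                     # prior sign-ins from one IP within the window

@dataclass
class SignIn:
    when: datetime
    country: str
    device_id: str
    ip: str

def challenge_reasons(history, attempt):
    """Return the anomalies that would make this attempt worth challenging."""
    if not history:
        return ["no_history"]
    reasons = []
    if attempt.country not in {e.country for e in history}:
        reasons.append("new_country")
    if attempt.device_id not in {e.device_id for e in history}:
        reasons.append("unfamiliar_device")
    if attempt.when - max(e.when for e in history) > ABSENCE:
        reasons.append("extended_absence")
    recent = [e for e in history if e.ip == attempt.ip
              and timedelta(0) <= attempt.when - e.when <= CHURN_WINDOW]
    if len(recent) >= CHURN_LIMIT:
        reasons.append("frequent_sign_ins")
    return reasons

# Constructed sample data (documentation IP ranges, made-up device ids).
NOW = datetime(2024, 1, 10, 9, 0)
HOME = ("US", "laptop-1", "203.0.113.10")
DAILY = [SignIn(NOW - timedelta(days=d), *HOME) for d in (1, 2, 3)]
CHURNY = [SignIn(NOW - timedelta(minutes=30 * i), *HOME) for i in range(1, 6)]

if __name__ == "__main__":
    cases = {
        "usual": (DAILY, SignIn(NOW, *HOME)),
        "abroad": (DAILY, SignIn(NOW, "DE", "phone-9", "198.51.100.7")),
        "long gap": (DAILY, SignIn(NOW + timedelta(days=200), *HOME)),
        "sign-in churn": (CHURNY, SignIn(NOW, *HOME)),
    }
    for name, (hist, attempt) in cases.items():
        print(f"{name:14} -> {challenge_reasons(hist, attempt) or 'no challenge'}")
```

Returning the list of reasons rather than a single yes/no lets the service pick the challenge (email verification or CAPTCHA) and name the trigger in the notification.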

It’s great to see that LinkedIn has been taking measures to strengthen its authentication practices!

Update: LinkedIn now offers two-factor authentication. For some thoughts on this feature, see my Google Plus post on this topic.

Lenny Zeltser

About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. The diversity of cybersecurity roles I've held over the years and the accumulated expertise allow me to create practical solutions that drive business growth.
