Scandalous Insights LinkedIn says in their blog: We are working hard to protect you, but there are also steps that you can take to protect yourself, such as: Make sure you update your password on LinkedIn (and any site that you visit on the Web) at least once every few months. Do not use the same password for multiple sites or accounts. Create a strong password for your account, one that includes letters, numbers, and other characters. Watch out for phishing emails and spam emails requesting personal or sensitive information. LinkedIn - you can make it easier for your users to perform these tasks, you could auto expire passwords, have strength indicator, and even verify with other sites that they don't have the same password: Login with the credentials given You can even implement SPF, DKIM, etc correctly to make your mail better. You don't implement this security for UX and marketing reasons, instead you implement security to stop your users from being able to use your site better.... - Daniel W. Crompton