Published on by

I cringe every time I visit my LinkedIn profile and see the following messages:

Your contacts are safe with us! We'll import your address book to suggest connections and help you manage your contacts. We'll only hang on to your password for a moment to authenticate your account, and we'll never email anyone without your permission.

Asking people for their email password is a very bad security practice. Wording on the LinkedIn website has been changed in the meantime not to include the "Your contacts are safe with us!" and "We'll only hang on to your password for a moment to authenticate your account, and we'll never email anyone without your permission." part so it now just says the following:

We'll import your address book to suggest connections and help you manage your contacts.

Regardless, it is still cringe-inducing that they ask you for access to your email, not to mention how stupid it is to assume that your email provider has any address book functionality, or that you are using it to begin with.

My advice is to never, ever, disclose your email password to anyone, especially if you used that account to register for PayPal, e-banking, Steam, iTunes, or other online services where a compromise of your email account could lead to losing access to the services mentioned. If that happens, you can lose money and/or digital and physical goods, not to mention the hassle of proving that you have been hacked and getting everything back to normal which in some cases might turn out to be impossible.