For users of the online conversion tool, the next step is to download the set of hashed passwords. The dataset can be accessed from a variety of sites. One that continues to host the dataset is here at . Once the file is downloaded, simply search within the text file for the password in its SHA-1 hashed format.

If the hashed password is not found, it may be listed in another form within the database. The hackers seem to have replaced the first five characters of a portion of the hashed passwords with five zeros. Pack believes those indicate hashes that have already been converted back into their native password form. To search for the hashed passwords, replace the first five characters of the hashed password with five zeros and search the document again.

Pack also warns that even if your password does not appear on the list, users should still assume that their password could be compromised. Many times, he says, hackers will only release a portion of the compromised data to prove that they have it. That means passwords of other LinkendIn users could be compromised, even if they do not appear in the dataset.

No matter if your password is on the list or not, Pack recommends changing your LinkedIn password to a strong password that has a combination of numbers, as well as upper and lowercase letters. He recommends against using common words found in a dictionary for a password.

As of now, there is no evidence that there is any link between the hashed passwords and which users those passwords belong to, but Pack says that too should not be taken for granted. It’s possible that whoever released the data could have access to user information linked to those passwords.