By Ian Bush

PHILADELPHIA (CBS) - Yesterday’s LinkedIn hack left millions of user passwords for the business social networking site in the wrong hands (see related story). Experts recommend members change their passwords — but to what, exactly?

As tedious and tough to remember as it will be to have a dozen different passwords, it’s just a bad idea to use the same login across multiple sites — especially the ones that know sensitive stuff about you.

“LinkedIn has your personal information, Facebook, your email. Spend the time, get more complicated, add some numbers, some capital letters.”

CNET’s Bridget Carey says some people like to use their favorite song. For instance, pick the first letter of each word in the first line, add a number that’s important to you, and something identifiable to the site you’re signing into.

But don’t make it too specific: one of the concerns in the LinkedIn attack is that hackers were able to crack the term “LinkedIn” because its hash, or scrambling algorithm, appeared over and over again in users’ chosen passwords.