Change All Your Passwords, Because Heartbleed Is Upon Us

0 comments

heartbleedmeberPhoto: Courtesy of Heartbleed.com.
If you're reading this here and for the first time, you might be the kind of person who doesn't pay much mind to news about online security threats.

Today, you can't be that person.

That's because an encryption bug called Heartbleed was discovered yesterday, and it may have affected many if not most of the secure websites you frequent.

You know that little lock you sometimes see in the URL bar of your browser? It indicates that a site is using SSL (Secure Sockets Layer) protocol, which is basically a standard security encryption. Heartbleed, however, allows potential attackers to gain access to bits of information that are exchanged during an SSL session, like passwords and credit-card numbers.

If you, like one colleague I overheard today, are saying to yourself, "What's an attacker going to steal — my already-maxed-out credit cards?" Just think about the amount of time you'll need to spend apologizing to your professional network after your email gets hijacked and sends out spam to your entire address book. It ain't worth it.

So, which passwords do you need to change? Well, most of them. (Facebook? Yes. Google? Yes. Dropbox? Yes.) You could check on individual sites here, but Mashable has also compiled an impressive list of vulnerable sites. Spend a few minutes updating your passwords today, and you're in the clear. (Mashable)