Yesterday I shared a technogeek notice about the internet wide security bug known as HeartBleed. “Catastrophic is the right word. On the scale of one to 10, this is an 11,” blogged Bruce Schneier an internationally renowned security technologist, called a “security guru” by The Economist. This was truly a serious issue.
This bug was part of the security protocol that is widely used by a large part of the internet community world wide and it was a fairly serious issue. It affected you whither or not you realized it.
This afternoon I’m beginning to receive notifications from the several host providers I work with explaining there was an issue and they have patched the bug to close the security hole. Of course they said it with a lot more techno-gargen, but the point is, they fixed it on their servers.
The Yahoo blogging platform Tumblr has advised the public to “change your passwords everywhere – especially your high-security services like email, file storage and banking”. Says BBC News – “Heartbleed Bug: Public urged to reset ALL passwords“.
What that means for you:
If you do any kind of business online that requires a login, you’ve been impacted. It’s especially important for sites where you store your financial information, not only your bank, but if you have a subscription for reading a newspaper or magazine online, a game, or an app on your phone, even if you pay for some type of hosting service for email, blogging or paying bills; you need to change your passwords.
Now for the task of resetting ALL my passwords. Ugh. I hope you take the advice and do the same thing. Remember a good password has:
- At least 8 characters or more
- 1 capital letter
- At least 1 numeric character
- No repeating characters
- A generic symbol, if allowed
And try not to use something that’s connected to you, like the name of your children, pets, or any family member. Don’t use something you’re a fan of, like your favorite race car driver (Tony Stewart 😀 ), or sports teams.
A good password is unusual or so normal that it could be anything, like GraVelrd01!
Some security experts are suggesting you change all your passwords now, and then do it again at the beginning of next week. Many companies are patching or have applied the patch already to close the security hole. But some companies may require more time to implement the fix, and it could take the rest of the week or even through the weekend. Thus changing your passwords again next week could be a good idea.
Good luck! Hope everyone escaped this bug without harm!