Search This Blog

Friday, April 11, 2014

Heartbleed bug in OpenSSL

Is your password safe?  What is the Heartbleed bug that people are talking about and do I really need to change my passwords?

The Heartbleed bug is kinda complicated, but basically it tricks servers into giving them access to whatever data is in memory right next to the connection spot.  Here is more information from nakedsercurity if you are interested in the details.

But the big question is "Is your personal data at risk?"  Here is a website that can help you answer that question.  It checks to see if a site has used the OpenSSL in the past (LastPass) and if they have fix it (Heartbleed test).

Bottom line:  The chances your password was hacked is very small.  Wait until you hear from the site that they have fixed the problem and then change your password.  Don't be in too much of a hurry or you may just give your new password away to the bag guys.  (Oh, a never ever follow a link to log in.  Always always type the URL in yourself.)

1 comment:

Anonymous said...

scary to think.