What Heartbleed means for you, and how you can protect yourself.
What this means for you:
- The secret keys used to encrypt your personal data may have been compromised. This bug has left a large amount of private data exposed.
- Attackers could eavesdrop on your communications, steal data directly from your open web services, and impersonate you with your information.
Users can take action against the bug:
- Check a website for vulnerability: http://filippo.io/Heartbleed/
- Stay away from popular websites that are not yet patched.
- If the website has been patched, change all passwords immediately and use a free password manager to secure them.
OpenSSL is a popular cryptographic library, used to keep many of the world’s websites secure on the internet. Many online services use OpenSSL, making this a potentially serious security breach for most internet users. As long as a vulnerable version of OpenSSL is being used by a website, it can be abused. A new patch has been released for websites to use, and all previously used passwords should not be reused.
You can use SpeedyPassword to generate new passwords, and securely encrypt them to protect your personal information and accounts.
More information about the heartbleed bug can be found at: http://heartbleed.com
November 4, 2014 / By: Andrew Macklin