Heartbleed bug fatal flaw in a key safety feature for surfing the Web makes all you passwords vulnerable

  • AMoonHawk

    Posts: 11406

    Apr 11, 2014 4:19 AM GMT
    http://money.cnn.com/2014/04/09/technology/security/heartbleed-bug/

    "Security researchers have uncovered a fatal flaw in a key safety feature for surfing the Web -- the one that keeps your email, banking, shopping, passwords and communications private."
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 4:23 AM GMT
    This site is not affected, since it doesn't use SSL.

    Basically, we've all been vulnerable to hacking from the very beginning. icon_lol.gif
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 4:25 AM GMT
    But who would want to hack us? We aren't that interesting. icon_lol.gif
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 4:35 AM GMT
    Well, some people are lazy and use the same password for all of the websites they're on.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 1:11 PM GMT
    buy a password manager app for your desktop and cell
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 1:25 PM GMT
    Sites that were in jeopardy, and which ones should have their password changed now or not yet.

    http://money.cnn.com/2014/04/10/technology/security/heartbleed-passwords/index.html?hpt=hp_t3
  • MarvelClimber

    Posts: 511

    Apr 11, 2014 4:32 PM GMT
    It's a good idea to change your social media passwords. The financial industry doesn't use OpenSSL, so those you're safe with. Though the vulnerability went public, it has been around for years. Despite all these viral warnings, people still keep simple passwords like their name or pet's name, their address, or other info that easily accessible.
  • Posted by a hidden member.
    Log in to view his profile

    Apr 11, 2014 8:47 PM GMT
    I use a multi-tiered approach to passwords. For sites like realjock where having my account compromised wouldn't really hurt me I use the same password; forums, etc. (and facebook and twitter, if I used them). At the other end of the spectrum, my bank, I use a unique password. Similarly for my credit card and mutual fund. I have more than one gmail account; I use the same password for them and yahoo. Only use the same password for the "junk" or non-critical accounts. For critical accounts always use unique passwords.

    Several years ago I was using my junk account password with gmail and someone got ahold of my password and started using my gmail account for sending spam.