Heartbleed: Change Your Passwords, Now

Screen shot 2014-04-10 at 11.46.42 AMSo, I’m not 100% on what the hell Heartbleed is, but I think it goes a little something like this: Change these passwords, NOW! Which ones? To start, Facebook, Tumblr, Google/Gmail, Yahoo/Yahoo Mail,  Go Daddy, TurboTax, Dropbox, OkCupid, and SoundCloud.

Mashable has a great, detailed list. The above are the highlights. So, is it a big deal? Well, a computer-security expert the entire Internet is quoting (because it’s a good quote and is indebted to This is Spinal Tap) had this to say: “’Catastrophic’ is the right word. On the scale of 1 to 10, this is an 11.”

So what is it? Heartbleed is a major security bug that affects SSL encryption, which is basically how things get encrypted between a server and a client. You don’t need to know exactly what that means to be concerned.

From the Heartbleed website:

“The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).”

This is a bigger pain in the ass than I’d expected. I’ve never felt pressure to come up with so many new passwords! Oh yeah, please don’t use the same password for all your sites. It’s a smart bet to start using something like LastPass, which creates different, tough to crack passwords for all of the sites you sign in to, that you access via one master password. The idea is that passwords should look more like 56&89kl09#4 than like daiSey83, but it’s tough to keep track of unique, random passwords for every site that requires one. They’ve also been kind enough to offer the internet the LastPass Heartbleed checker, which you can use to check sites you use.

So, check your sites, change your passwords, and maybe even change up the way you’ve been handing passwords all together. Do it now.

One Comment