Heartbleed – indeed

Posted by on 10 Apr, 2014

heartbleedWell this is interesting. For over two years, there has been a vulnerability in the way that secure websites operate. This affects a large chunk of websites and services on the internet and I’m sure we’ll be hearing a lot about it over the coming weeks.

The scary part is that it’s impossible to know if anyone has been taking advantage of it. Unsettling to realise that transactions that everyone thought were 100% secure may not have been.

The repercussions of this actually go quite deep, but in our everyday lives, this probably isn’t a big deal. What’s more important is what we do next.

The advice is to check if any websites you have used were vulnerable, wait until they confirmed that they have been fixed, and then change your password.

In reality, very few people are actually going to do that. Still, this does raise once again the issue of password security.

Here is what we are all supposed to be doing:

That’s a tall order and I have yet to meet someone that follows all of those rules. Still, security is important and becoming more so as we put more of our lives online.

If you are at all concerned, change your passwords.   This article usefully lists some of the most common websites and whether they were vulnerable and what you should do.

There are tools available that can help you follow the guidance above. Certain web browser password plug-ins can be used that take care of all of this, giving you a secure and different password for every site you use. You only need to remember one password to unlock the chest.

New technologies using wearables and biometrics are coming that are going to make all of this much much easier. Of course, they will probably end up getting hacked as well, but at least you won’t have to make up silly combinations of loved ones names and dates of birth any more (bad idea, by the way).

If security is a concern and you’d like some help with staying secure online but in a way that’s easy to manage, let us know and we can help set you up.

 


What is a secure password?

 

A password that includes uppercase letters, lowercase letters, and symbols or numbers, and is not a word found in a dictionary. Also called a strong password.

  • if your password is password1
  • if you’ve used the names of people you know with important dates
  • if you have the same password everywhere
  • if your password is a word in the dictionary

Then today is a really good day to update your passwords.  If you’re not going to put a different password everywhere, at least pick one that’s very secure and use it everywhere.  Or contact us and we’ll set you up with some software that will manage this for you.

One trick I use to make a secure password is to take two short words and put a number in between. dog87cat is actually a hard password to crack. red22toaster, big377truck, finger214pie, I could go on…

Comments are closed.