In the last month you may have heard about the Heartbleed security bug in the news. Heartbleed is a security bug that affects web servers for many popular websites, and it has the potential to expose user data entered into websites, apps, email, and chat.
Sounds bad, huh?!
Fortunately, there are things that you can do to protect yourself from the Heartbleed bug and keep your online accounts safe.
Steps to take:
- Watch for announcements from service providers that they have fixed the problem. Once a fix has been implemented, immediately change your password (see tips below) on these sites!
Many sites such as Facebook, Instagram, Twitter, and Google (gMail, Google+, YouTube etc…) have already fixed their sites. To check to see if a specific site has been affected by Heartbleed visit: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
You can also use the Heartbleed Checker tool which allows you to enter any URL to check its vulnerability. https://lastpass.com/heartbleed/
- Monitor your sensitive accounts (email, banking etc) over the coming months to watch for fraudulent activity. If something seems strange, report it and change your password right away.
The infographic below displays popular sites have been affected by the Heartbleed bug, passwords that experts recommend you change and what kind of information may have been vulnerable.
Click to Enlarge
Courtesy of LWG Consulting
Creating Strong Passwords:
While changing passwords on sites affected by Heartbleed is crucial, it’s equally important to create strong passwords that will keep your account safe.
Passwords that are easy to guess words or phrases such as password, admin or 1234 are not strong passwords.
When creating new passwords aim for passwords that are:
- Eight or more characters
- Contain upper and lower case letters
- Contain numbers
- Contain symbols such as ! ? % $ * ^ #
- Don’t use dictionary words as passwords (hackers often use online dictionaries that try out every word until they find the right one).
The strongest passwords will use a mix of all of the characteristics listed above. For example, Vis^wEKa19 or sOld=winO16 are examples of strong passwords.
If you need help creating a password, websites such as www.onlinepasswordgenerator.com will generate strong passwords for you.
Additional Password Tips:
- Change your passwords frequently (every three to four months).
- Don’t use the same password on your accounts.