Overview
of events
On
Monday April 7th, a serious vulnerability was identified in one of the most
popular implementations of the SSL protocol, called OpenSSL. SSL
is a very important security protocol used throughout the Internet. Not only
does SSL encrypt your online communications, but it helps ensure you are
connecting to legitimate websites when you do things like shop or bank online
What it does
The Heartbleed vulnerability allows a hacker
to connect to a webserver and harvest sensitive information, which may include
your login and password. If an attacker were able to harvest such information,
they could use that information to log into any of your accounts using the same
username and password. Most sites including Facebook, Yahoo, CNN were affected.
Steps you should take
There are several steps you can take to
protect yourself. Not only will these steps help protect you against the
Heartbleed vulnerability, but they will help protect you against many other
attacks in the future
·
First, change your passwords on
websites that you know were vulnerable and have patched the vulnerability,
starting with your most important accounts first. If you do not know if a
website was vulnerable, go ahead and change your password anyway. This is a
great time to update your passwords and improve your online security.
·
Make sure you update your passwords
you use strong, hard-to-guess passwords. In addition, if the website supports
something called two-step verification, enable it. This is an additional step
that helps make your online account more secure. Finally, if your password has
personal questions, we recommend changing the answers.
·
Make sure you are using a separate, unique
password for each of your online accounts. That way, even if one website is
compromised, all of your other accounts will still be safe. Can’t remember all
of your passwords? Congratulations, that means you are using strong passwords.
We highly recommend you use this opportunity to start using a password manager
that stores all of your passwords securely. These are great tools that can not
only simplify your online activities, but help make them far more secure.
·
Do not forget your email clients. If your
email client, such as Outlook or Apple Mail, is using SSL to connect to your
mail server, you may need to change those passwords as well.
Have a safe day
No comments:
Post a Comment