Heartbleed (Password Related)

#1 Edited by Shadowchronicle (26039 posts) -
  • http://www.wired.com/2014/04/heartbleedslesson/
  • http://www.howtogeek.com/186735/htg-explains-what-the-heartbleed-bug-is-and-why-you-need-to-change-your-passwords-now/

Just a count of hands but how many of you know about this? I haven't seen a topic on heartbleed so I decided to post this. Hopefully I didn't repost this again but I think it is a relevant topic. What are your thoughts and are you going to change your passwords?

Heartbleed Victims

#2 Posted by GTR12 (9663 posts) -

I know what heartbleed is and how it works but those articles are stupid, it doesn't mention the simple fact that if you were to change your password, your account can still get hacked/broken into if the website still hasn't patched the vulnerability.

#3 Posted by Korvus (3907 posts) -

Hadn't heard about this before. Oh well, that means my GS account, my almost dead email account and my WoW account (if that still exists) are in jeopardy, oh no! =P

#4 Posted by Iszdope (10130 posts) -

"Heartbleed"..?

Sounds like the title of a lame ass The Cure song or something.

Not worried.

#5 Edited by Shadowchronicle (26039 posts) -

@GTR12 said:

I know what heartbleed is and how it works but those articles are stupid, it doesn't mention the simple fact that if you were to change your password, your account can still get hacked/broken into if the website still hasn't patched the vulnerability.

Actually the HTG one did say that.

#6 Edited by LostProphetFLCL (17504 posts) -

Knew about this because Gearbox actually just sent me an e-mail about this yesterday.

Not really concerned TBH...

#7 Posted by LostProphetFLCL (17504 posts) -

Knew about this because Gearbox actually just sent me an e-mail about this yesterday.

Not really concerned TBH...

#8 Posted by CrimsonBrute (23597 posts) -
@Iszdope said:
Not worried.

http://www.creepyasianguy.com/wp-content/uploads/ITooLikeToLiveDangerously.jpg

#9 Posted by BranKetra (48750 posts) -

Changing any vulnerable passwords is definitely a good idea. Next Monday morning should be enough time from now to allow the servers to change from the vulnerable OpenSSL to the secure SSL. Thank you for passing along this information, ShadowChronicle.

#10 Posted by angeldeb82 (1043 posts) -

@BranKetra said:

Changing any vulnerable passwords is definitely a good idea. Next Monday morning should be enough time from now to allow the servers to change from the vulnerable OpenSSL to the secure SSL. Thank you for passing along this information, ShadowChronicle.

Where did you get that info from?

#11 Edited by BranKetra (48750 posts) -

@angeldeb82 said:

@BranKetra said:

Changing any vulnerable passwords is definitely a good idea. Next Monday morning should be enough time from now to allow the servers to change from the vulnerable OpenSSL to the secure SSL. Thank you for passing along this information, ShadowChronicle.

Where did you get that info from?

I said next Monday because How to Geek's report states that major companies should have already began updating their encryption software last week. From then until Monday next week is more than enough time, but I am giving them extra time for the sake of not having to make another password change because one I enter now may or may not be as vulnerable as my current passwords. Smaller companies and websites were also considered.

#12 Posted by Iszdope (10130 posts) -

@crimsonbrute said:
@Iszdope said:
Not worried.

Yeah baby.

#13 Posted by angeldeb82 (1043 posts) -

And the worst has just happened.

Bits: Heartbleed Internet Security Flaw Used In Attack