Heartbleed is one of the biggest internet threats on the planet.
Detected in early April, 2014, Heartbleed is a disastrous computer bug with the potential to divulge website encryption keys, usernames, passwords, and user info to criminal hackers. The vulnerability was found in OpenSSL, a preferred cryptographic tool created to secure communications between a user’s browser and a web server. The way to tell if you are on one of these potentially affected sites is to look for a padlock sign in the web site address bar or if the address starts with ‘https.’
This means that any information you exchange on these sites may be at risk. This means that you can be fairly sure that any site where you have a username and password may be affected. Not all sites are at risk, but user beware, better to be safe than sorry.
According to Errata Security’s Robert Graham, more than 300,000 servers worldwide are still at risk.
Here are few simple steps you can take to help you protect yourself:
- Change your passwords on all websites you use including your online banking.
- Use different passwords everywhere as opposed to the same password and change your passwords often.
- Create difficult passwords mixing symbols, cases and numbers. Ideally your password should have at least eight characters, preferably many, many more. The characters should be random, and not follow actual words alphabetically, or from the layout of your keyboard. According to Mark Burnett, security consultant and four time winner of the Windows Security MVP award, “While many people have improved the security and strength of their passwords, there are still a huge number of people who pick from a very small list of common passwords. In fact, 91% of all user passwords sampled all appear on the list of just the top 1,000 passwords.”
- Use anti-virus, anti-spam, anti-malware and anti-phishing software as well as a firewall which are all created to prevent breaches of security.
- After all of the above, if you are still stressing over your internet security vulnerability, try using AVG Web TuneUp which will show you which of your web sites may still be at risk for Heartbleed when you use it for searching.