Heartbleed’s effect: a storm of password change requests

The Heartbleed problem is long fixed, at least on the major website around the world.

But, the effects of this problem are by for not gone.

I received at least 10 emails in the past week asking me nicely to change by password.

 

leanpubheartleed

 

Last week, a major vulnerability called “Heartbleed” surfaced for the OpenSSL encryption used on many websites.  This vulnerability affected many websites that we use every day, including Google, Yahoo and Amazon.  This also included Leanpub.

When we learned of this last week, we took immediate action to address the issue.  We have no evidence of any Leanpub customer data being accessed, and we do not store your credit card information on our servers.  However, due to the nature of this specific vulnerability, it would be extremely hard to prove that no unauthorized access had occurred.

So, you should change your password on Leanpub, as well as on many websites you visit.

 

So, the big question is: should we change all our passwords?

Yes, we should do that! But for reasons which have nothing to do with Heartbleed.

It is important to change your password regularly, once every few couple of months.

The more important the account, the often you should change its password.

And if the website allows two-factor authentication then by all means, do activate it.

Here you can find more information about how to do this.

 

And don’t forget to read the eBook “Improve your security“:

 


© Copyright 2014 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close