Unless you’ve been off on a deserted island somewhere (and if you have, good for you), chances are you’ve heard about the Heartbleed bug which involves network software called OpenSSL. As Internet users we’ve been taught that we’re safe on secure websites with “https” in the URL. That’s the scary part – this bug compromised the “safe zone” we’ve come to rely on.
Heartbleed is being called one of the biggest security threats the Internet has ever seen. Announcements like that tend to lead to panic. Understandably so – this serious security threat does have the potential to expose users’ private information. The key word there is potential. The good news is that researchers found the flaw first – not hackers.
Yes this is a big deal, but there are 5 simple things you can do to protect yourself and your information over the next few weeks:
- Don’t panic. A common reflex is to immediately log on and start changing passwords. That won’t do you any good until the site you’re using has dealt with Heartbleed. The new password you enter will still be vulnerable. Sit tight. Deep breaths.
- Check which sites you use have been affected – Keep in mind, not every site you use has put you at risk. Before you go through the trouble of looking up every site, Mashable has done a lot of the work for you with an updated list of which sites have been affected by Heartbleed.
- Update passwords, AFTER the sites have been patched – I repeat: wait before you update passwords. Make sure that the site has patched the problem first. LastPass has set up a Heartbleed Checker tool that you can use to check sites before you make the change.
- Keep an eye on sensitive online accounts – Although most banks are reporting that they are not vulnerable, U.S. regulators are warning banks to patch their systems anyway. In the meantime, keep a close eye on accounts for the next few weeks.
- Stop using P@ssword! as your password – This unfortunate security issue has made all of the password123 users all the more aware. Not only is it important for passwords to be hard to guess, it’s also important to create unique passwords for each account and site. That way, if your password is ever compromised on one site, that information can’t be used to access other important online accounts on other sites. Here are some tips for creating strong passwords.
Not so bad, right? These are five relatively simple things that we can all do to protect ourselves. Thankfully the Internet (even though it kind of broke) comes to the rescue with a lot of great resources that can help to make the process a little less painful.