Navigate

Wednesday, April 16, 2014

Protect Yourself from the HeartBleed Bug

The big internet news is the HeartBleed bug that isn't on your computer but a security risk found on some websites that use a certain type of encryption called OpenSSL. As I suggested last week, you might want to change your passwords on the websites you use, especially if you use the same password for many of your sites (that is a NO-NO!). But which sites are still affected? Are your passwords still at risk? Hopefully, I can help you with some of these issues to give you a little peace of mind.

So, how do you know if the website you are visiting used the OpenSSL or has updated their security? Browser helpers called extensions are now popping up to alert you to websites that have not updated. For the Chrome browser you can ChromeBleed extension and with the FireFox browser, you can get the HeartBleed Checker or the FoxBleed Add-on. As of this writing, Internet Explorer and Safari have yet to have an add-on, so I encourage you to consider using a browser with the extension for a little while. 

Of course, changing your password on a site that hasn't updated their security means your information is still vulnerable. There may be situations where you just wish to remove your information. That may not be as easy as you think. Sometimes you may have to search and search a website trying to find out how to remove your information.  Just Delete Me is a directory that gives you removal information on a wide range of websites just in case you cannot find out where to delete your account. At the very least, change the password to something unique to that website only so your sign in information on other websites is not at risk.

The last thing is something I have already blogged about in the past. Many people have the browser save their passwords but there are some issues related to this. If your computer dies or the hard drive fails, you are out of luck and all your passwords are gone, as in totally GONE!  Then there is the security issue. If someone has access to your computer, they have access to ALL your passwords in a couple of clicks. You can also choose to write down your passwords (which isn't a bad thing if you can lock it up to protect it from theft) but if there is a fire, your book may not be available when you need it most. Also, weeding through hundreds of passwords can be time consuming in a book.  I recommend using a software program like Last Pass, Password Genie, SplashID or many of the other password management options that are available these days. With hundreds of websites and all of them with different passwords, a manager is a must. It also encrypts and saves your information so it can be accessed with ONE, hopefully very strong, master password from any computer. If you are concerned about the security of a password manager, the companies can't open your password data.☺

No comments:

Post a Comment