Last week news broke about the Heartbleed bug, a vulnerability that affects the way secure websites communicate with your computer. Tech blog Mashable writes: “The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years.”
Scary stuff, no doubt. You should check the freshly updated full list at their site, but here’s the glimmer of good news: all the banks and financial institutions Mashable reached out to (and that’s quite a few) were completely unaffected.
So what should you do? Change your passwords. And don’t just add one to the end of your current password. Make secure passwords, and use a database to keep them straight. My recommendation is for long, non-dictionary passwords. It’s a hassle, but it’s a price we ought to be willing to pay for the benefits of doing business on the internet. I use a secure program, 1Password*, to keep my existing passwords straight, and to generate new passwords when I make new online accounts. I’ve personally gotten to the point where I don’t know what most of my passwords are, but I know the one password I need to access them.
If you’d like help implementing a system like that, let me know. For now, check the Mashable database of affected sites, and change your passwords accordingly.
*1Password is just one of many apps like this. Lastpass is another good one, and Apple even has iCloud Keychain now, which is great, and is free!