Results 1 to 8 of 8

Thread: Heartbleed encryption bug - Changer your PW

  1. #1
    Join Date
    Dec 2012
    Location
    Bedford, NH
    Posts
    1,683

    Heartbleed encryption bug - Changer your PW

    Received an email alert yesterday regarding the “Heartbleed” encryption bug. Recommendation was to change your PW

    Google has a number of other links that relate to the


    https://www.google.com/#q='Change+Al...active&tbm=nws

    Looks to be true, anyone else receive this?
    Thoughts entering one's mind need not exit one's mouth!
    As I age my memory fades .... and that's a load off my mind!

    "We Live In The Land Of The Free, Only Because Of The Brave"
    “The problems we face today are there because the people who work for a living are outnumbered by those who vote for a living."
    "
    Socialism is a philosophy of failure, the creed of ignorance, and the gospel of envy, its inherent virtue is the equal sharing of misery." Winston Churchill

  2. #2
    Join Date
    Feb 2012
    Location
    St. Catharines, Ontario, Canada
    Posts
    2,749
    Cheers,
    Roger


    The other member of Mensa, but not the NRA

    Everyone is a self-made person.

    "The thing about quotes on the internet is that you cannot confirm their veracity" -Abraham Lincoln

  3. #3
    Join Date
    Oct 2006
    Location
    ABQ NM
    Posts
    30,020
    When the going gets weird, the weird turn pro. - Hunter S. Thompson
    When the weird get going, they start their own forum. - Vaughn McMillan

    workingwoods.com

  4. #4
    Join Date
    Jul 2007
    Location
    DSM, IA
    Posts
    5,719
    So how do I remember my current passwords in order to change them??
    A man is rich in proportion to the number of things he can afford to let alone. -Henry David Thoreau
    My Website


  5. #5
    Join Date
    Mar 2007
    Location
    Escondido, CA
    Posts
    5,174
    Sheesh! And where to begin? Anybody read the whole article? Won't help until the affected sites make the fix. I have not received any alerts other than here so I am bummfuzzled (technical term) as to what to do.
    ++++++

    Some say the land of milk and honey; others say the land of fruits and nuts. All together my sort of heaven.

    Power is not taken. It is given. Who have you given yours to? Hmmmm?

    Carol Reed

  6. #6
    Join Date
    Apr 2007
    Location
    No, not all of SoCal is Los Angeles!
    Posts
    9,076
    Quote Originally Posted by Jeff Bower View Post
    So how do I remember my current passwords in order to change them??
    Simply refer to your password protect file that lists all your accounts (by a vague nickname) and the current version of your password in use .

    Selecting passwords that are identical or easy to remember "at the time" makes no sense. If you have more than a dozen accounts, a systematic method is best. Decide on a pattern that meets most requirements (it ticks me off that some sites require an alpha character in the first position while others only accept certain punctuation characters but, alas) and then have a modification for each site. No, not rover1, rover2, rover3, what on earth would you do when you get a new dog!?! You'll have to try just a bit harder or just not go 'outside'. The fact is that if you have logins at locations you don't recall, that is a serious exposure. Close accounts you don't use (if possible) and update those you do. I just checked and I have whittled it down to just under 60 accounts that I have to use at work. Passwords for many of these get changed regularly. About half fall under a centralized access system so I really only have to keep track of 40 or so.
    Last edited by glenn bradley; 04-10-2014 at 07:10 PM.
    Any sufficiently advanced technology is indistinguishable from magic.
    - Arthur C. Clarke

  7. #7
    Join Date
    Jul 2007
    Location
    DSM, IA
    Posts
    5,719
    Quote Originally Posted by glenn bradley View Post
    Simply refer to your password protect file that lists all your accounts (by a vague nickname) and the current version of your password in use .

    Selecting passwords that are identical or easy to remember "at the time" makes no sense. If you have more than a dozen accounts, a systematic method is best. Decide on a pattern that meets most requirements (it ticks me off that some sites require an alpha character in the first position while others only accept certain punctuation characters but, alas) and then have a modification for each site. No, not rover1, rover2, rover3, what on earth would you do when you get a new dog!?! You'll have to try just a bit harder or just not go 'outside'. The fact is that if you have logins at locations you don't recall, that is a serious exposure. Close accounts you don't use (if possible) and update those you do. I just checked and I have whittled it down to just under 60 accounts that I have to use at work. Passwords for many of these get changed regularly. About half fall under a centralized access system so I really only have to keep track of 40 or so.
    Yep, I was only half kidding...I have a pretty good system that I use to change all my passwords to apps, email, etc on a regular basis. I work as a vendor inside a customer's home office so I have to jump thru hoops several times a day to get to my employer's web access/software so I had to develop something that I could remember and change regularly. Must include an upper case, lower case, symbol and number and be at least 9 characters long. Also every 6 months I have to get security clearance, new username and passwords in order to gain access to the customer's systems...been here over 7 years, but they still don't trust me I guess. Meanwhile most people that work here have a sticky note on the monitor with all their usernames/passwords for everyone to see.
    A man is rich in proportion to the number of things he can afford to let alone. -Henry David Thoreau
    My Website


  8. #8
    Join Date
    Dec 2012
    Location
    Bedford, NH
    Posts
    1,683
    Regardless if it may be "early" to change one's PW because the SSL breach hasn't been fixed yet, I think it's a good idea to do this frequently anyway, i.e. every 6 months. Plus, if they are just now finding out about this breach after it's been here for a couple years, why not do it any way using a "secure/complex" PW on financial accounts just as a course of habit. It's my understanding that the URLs using the SSL are the ones beginning with https vs. http. So, that might suggest if you have any vulnerabilities.
    Thoughts entering one's mind need not exit one's mouth!
    As I age my memory fades .... and that's a load off my mind!

    "We Live In The Land Of The Free, Only Because Of The Brave"
    “The problems we face today are there because the people who work for a living are outnumbered by those who vote for a living."
    "
    Socialism is a philosophy of failure, the creed of ignorance, and the gospel of envy, its inherent virtue is the equal sharing of misery." Winston Churchill

Similar Threads

  1. encryption software for my lap top ?
    By Don Baer in forum Off Topic Discussion
    Replies: 18
    Last Post: 09-17-2014, 09:33 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •