OpenSSL's Heartbleed bug has made worldwide news this week, and for good reason: it compromised the security of a huge portion of the web (including TR). Because the bug potentially exposed passwords to prying eyes, many have called on users to update their passwords as soon as possible. But which passwords need updating? Which sites have yet to fix the bug, and which ones were never affected in the first place?
To help ease the confusion, the folks at Mashable have put together a handy, non-exhausitve list of major online services, including banks, and where they stand with respect to the Heartbleed bug. The list outlines whether a given site was affected, whether it's patched the hole, whether you should update your password, and any statement that service may have released about the issue.
I'm seeing a lot of "Yes" ticks in the "Do you need to change your password?" column for some major services, including Google, Yahoo, Facebook, Dropbox, GoDaddy, and
TurboTax. Even Minecraft users will need to update their passwords, Mashable says.
I guess I know what I'll be spending my evening on. If you're stumped for ideas, keep in mind that short sentences with punctuation can be more secure and much easier to remember than single words or cryptic alphanumeric sequences. Or, you know, you can always look up a password generator and use a password management service to keep track.
Update 4/11: Turns out TurboTax is not affected by the Heartbleed bug. A public statement by the company says users can update their passwords if they wish, but Intuit isn't "proactively advising [users] to do so." Mashable has also updated its story to reflect that point.
|We discuss the GeForce GTX 970 memory controversy||24|
|WSJ: Microsoft to back Cyanogen with $70M investment||18|
|You've goat to check out Silicon Power's new thumb drive||45|
|The TR Podcast 169 video: Win10, Elon's musk, and the gimpy GTX 970||0|
|In the lab: Dell's Venue 8 7000 tablet||25|
|Qualcomm posts record revenue, loses high-profile design||16|
|Intel refreshes high-endurance server SSDs with 20-nm NAND||15|
|The TR Podcast is live on Twitch right now||1|