OpenSSL's Heartbleed bug has made worldwide news this week, and for good reason: it compromised the security of a huge portion of the web (including TR). Because the bug potentially exposed passwords to prying eyes, many have called on users to update their passwords as soon as possible. But which passwords need updating? Which sites have yet to fix the bug, and which ones were never affected in the first place?
To help ease the confusion, the folks at Mashable have put together a handy, non-exhausitve list of major online services, including banks, and where they stand with respect to the Heartbleed bug. The list outlines whether a given site was affected, whether it's patched the hole, whether you should update your password, and any statement that service may have released about the issue.
I'm seeing a lot of "Yes" ticks in the "Do you need to change your password?" column for some major services, including Google, Yahoo, Facebook, Dropbox, GoDaddy, and
TurboTax. Even Minecraft users will need to update their passwords, Mashable says.
I guess I know what I'll be spending my evening on. If you're stumped for ideas, keep in mind that short sentences with punctuation can be more secure and much easier to remember than single words or cryptic alphanumeric sequences. Or, you know, you can always look up a password generator and use a password management service to keep track.
Update 4/11: Turns out TurboTax is not affected by the Heartbleed bug. A public statement by the company says users can update their passwords if they wish, but Intuit isn't "proactively advising [users] to do so." Mashable has also updated its story to reflect that point.
|1. Ryszard - $503||2. punkUser - $502||3. the - $306|
|4. SomeOtherGeek - $300||5. Ryu Connor - $250||6. doubtful500 - $200|
|7. Anonymous Gerbil - $150||8. cygnus1 - $126||9. danny e. - $125|
|10. SecretSquirrel - $125|
|Star Wars Battlefront trailer will leave your jaw on the desk||112|
|This week produced a bumper crop of security holes, patches||16|
|Two men have real-life flame war over iOS, Android||55|
|Report: DOJ may oppose Comcast's Time Warner acquisition||36|
|Deal of the week: A terabyte-class SSD for $300, plus more||33|
|This is my favorite fanless NUC chassis so far||29|
|AMD posts $180 million loss, shutters SeaMicro business||243|
|Razer's BlackWidow Chroma spawns a tenkeyless variant||18|