OpenSSL's Heartbleed bug has made worldwide news this week, and for good reason: it compromised the security of a huge portion of the web (including TR). Because the bug potentially exposed passwords to prying eyes, many have called on users to update their passwords as soon as possible. But which passwords need updating? Which sites have yet to fix the bug, and which ones were never affected in the first place?
To help ease the confusion, the folks at Mashable have put together a handy, non-exhausitve list of major online services, including banks, and where they stand with respect to the Heartbleed bug. The list outlines whether a given site was affected, whether it's patched the hole, whether you should update your password, and any statement that service may have released about the issue.
I'm seeing a lot of "Yes" ticks in the "Do you need to change your password?" column for some major services, including Google, Yahoo, Facebook, Dropbox, GoDaddy, and
TurboTax. Even Minecraft users will need to update their passwords, Mashable says.
I guess I know what I'll be spending my evening on. If you're stumped for ideas, keep in mind that short sentences with punctuation can be more secure and much easier to remember than single words or cryptic alphanumeric sequences. Or, you know, you can always look up a password generator and use a password management service to keep track.
Update 4/11: Turns out TurboTax is not affected by the Heartbleed bug. A public statement by the company says users can update their passwords if they wish, but Intuit isn't "proactively advising [users] to do so." Mashable has also updated its story to reflect that point.
|1. Ryszard - $603||2. Hdfisise - $600||3. Andrew Lauritzen - $502|
|4. the - $306||5. SomeOtherGeek - $300||6. Ryu Connor - $250|
|7. Anonymous Gerbil - $150||8. dashbarron - $150||9. webkido13 - $135|
|10. cygnus1 - $126|
|Cooler Master's MasterCase 5 reviewed||6|
|Run, gun, and murder aliens in 3D Realms' Bombshell||4|
|Light and shadow play together in Calvino Noir||2|
|Go pro with Razer's Wildcat Xbox One controller||7|
|CliffyB returns to the FPS scene with LawBreakers||13|
|There can be only one Headlander||6|
|Deals of the week: Asus' Strix GTX 970 and more||8|
|Chrome will soon block Flash ads and auto-playing background media||31|
|Vive VR headset is a victim of Valve Time, now set for 2016 release||12|