The views of this article are the perspective of the author and may not be reflective of Confessions of the Professions.
What is this Heartbleed bug everyone is talking about and what does it mean to you?
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. The vulnerability exposes protected and privileged information by using SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging, and some virtual private networks.
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content — allowing attackers to eavesdrop on communications, steal data directly from the services, and users, and to impersonate services and users.
For more information, please go to http://www.heartbleed.com/
Most companies have updated their software and have fixed the issue. What does this mean for you? While most companies have claimed they are not under threat or any direct attacks, it may be a good idea to change your password if you were associated with any of the companies listed on the infographic that were affected. This infographic covers all the companies that were either secure and never were in harm’s way and those that were exposed to the security vulnerability. If in doubt, change your password.
You could use a password generator, but you will most likely forget the password or write it down and forget where you put the piece of paper, so it is better to choose a password you will know in your head, but no one else can guess. For help in ensuring you have a strong password, I recommend using this free Password Meter tool.
Click to open / Right-click for save options
Additional Heartbleed Security Vulnerability Information from CloudFlare
|Vulnerable to Heartbleed? Should you change your password?|
|Amazon Web Services|
|Hotmail and Outlook|
|Bank of America|