In case you haven’t heard, a vulnerability dubbed “Heartbleed” has been discovered in the encryption protocol that many secure websites use. If you’d like a basic explanation of Heartbleed, The New Yorker did a great job of boiling it down. Early speculation on which sites were affected and how users can best protect themselves varied widely. Since the IT teams of individual organizations have had time to address the issue, we now have a clearer idea how to proceed.
The first step is to find out which sites you use that may be compromised and change your passwords at those sites. Mashable create a fantastic chart to help you with this. Keep in mind, this is by no means a complete list. If you login to sites that aren’t on this list, check with each site to see if it is vulnerable and/or has addressed the problem. For instance, Key Bank was not on Mashable’s list, but a quick visit to their website revealed that they do not use the vulnerable encryption software.
Of course, if you change your password but use that same new password at every site, you will remain vulnerable for other reasons. If you have trouble keeping track of passwords, you may want to consider using a password manager. For a guide to creating passwords, check out this guide from MakeUseOf.
Got questions? Let me know in the comments and I’ll find answers.