heart bleed

I feel the Heartbleed Under My Feet…

I feel the Heartbleed under my feet…

I feel the Sky tum-b-ling down, tum-b-ling down!

OK maybe not the exact words. But it’s true, with all the talk about Heartbleeds, it certainly might seem like the world is falling around your feet.

It’s times like these when things can become a little too overwhelming in the techy world, but it is also times like these when I am grateful to have lots of great friends with technical no how.

In particular my long time online friend Kimberly Casteberry of Just Ask Kim always comes to the rescue in times such as these.

heart bleed

What is Heartbleed Beth?

Heartbleed is the name given to vulnerability in a piece of security software used by almost every secure website used by banks, shops, email providers and a whole raft of service providers online. You might be familiar with the little padlock symbol in the top left-hand corner of the web browser that denotes that there is a secure connection.

The lovely Kim, has broken all the hard bits down and made the whole heartbleed seem much simpler. These are mostly all Kim’s words, so to thank her you might also want to join her community here.

1) Sites that appeared to be using HTTPS to properly protect your passwords were potentially not very protected.
2) Every site affected – which is most but not all of them on the web that use SSL (HTTPS) – will have to update their server certificate and then YOU will need to change your password.
3) If you rushed and changed all your passwords, you’re likely going to be changing some of them again once the servers are patched. Updating before sites are patched can actually give the bad guys your new password info.
4) There are a lot of small sites, such as optimizepress.com, that are affected, that the media will never list. You’re going to need to use your LastPass security scanner to find these.
5) You must follow what is going on and you must update sites once they patch their security certificate.
6) Be wary of mandatory password reset emails that contain links as hackers are now sending out fake ones. If you get one, go type the URL in the address bar manually to avoid giving your credentials to the bad guys (or GALs)
7) If you use an SSL certificate on your website (for https) be sure to contact your hosting company for further information about your site.
8) If a website does not patch, it will continue to be attacked until all of the user data and passwords are known. This may include your data. So keep an eye on who has NOT patched in addition to who has.
9) This does NOT mean that your passwords have already been compromised – but it does mean that it is quite possible. And it’s more likely the more sites you used the same password on if you were lazy and did not use a unique password per site. (Use LastPass to make secure passwords easier.)
10) LastPass does not install anything on your computer. It’s not a keylogger. It does not steal data from your computer. It does not steal data from any site other than the vulnerable one.

I can vouch for Kimberly and LastPass. I have used it for years now and it’s invaluable. Especially at times like these.  Please check out this list by Mashable showing all the major websites that you should start to update your passwords.

If you want to discuss this in more detail or if you just want some support, please come join the discussion with Kim herself here and tell her I sent you come join the discussion here.

Remember it’s really important not to update your passwords on sites that are still vulnerable. This will defeat the purpose. Check to see which sites are ready and updated for you to start changing your passwords.

To Your Simple Blogging Success,


P.S Learn how I finally cracked the code to making a full-time income online >>>>Here<<<<

P.P.S When you subscribe to the Simple Blogging Network Newsletter you get:

  • A FREE 5 Steps to Simple Blogging Success E-book
  • 2 workbooks to help you figure out your niche
  • A 30 Blog Post Ideas Blueprint for any Niche!

New Graphic

 

The following two tabs change content below.

Beth Hewitt

Blogging since 2009 and passionate about blogging, personal development, marketing and helping others succeed. In 2012 I founded the Simple Blogging Network because I was tired of seeing intelligent, talented bloggers getting disillusioned and frustrated because they never made a dime online. I aim to cut down the learning curve for bloggers new and old, simplifying all aspects of blogging and helping great bloggers get the recognition they deserve.

Latest posts by Beth Hewitt (see all)

6 Comments

  • Hello there. Thanks for sharing this information. Nice of you to visit my blog too. Not sure if you’re taking part in the A-Z Challenge, but if you are, all the best with that!

  • Hillary

    Reply Reply April 11, 2014

    Oh wow, I’ve never even heard of heartbleed until now. Thanks for informing us!

  • Rachel Lavern

    Reply Reply April 11, 2014

    The Heartbleed vulnerability is serious and we all need to pay attention. Not all servers are affected so we can breathe a little. However, it does affect many in varying degrees, regardless where they are in the world.

  • Merle

    Reply Reply April 11, 2014

    Thanks for sharing this information Beth. Sounds like it could be a bit scary. Will check out LastPass.

  • Brian Lee

    Reply Reply April 16, 2014

    Hi Beth
    this is valuable info thank you very much, never heard of heartbleed (no relation to heartbeat)

    Thanks again
    Brian

  • Aras Androck

    Reply Reply April 23, 2014

    Gosh. I hope my blog won’t get affected by this bug.

Leave A Response

* Denotes Required Field