Heartbleed is arguably the biggest online security flaw to be discovered in the last few years, as it affects just about every internet user on the planet. The list of affected websites is long indeed, and includes the likes of Facebook, Yahoo and Gmail (now we’ve got your attention).
Basically, the flaw allows someone to gain access to your once secure passwords, and I would bet a fair amount that the National Security Agency in the United States has been using such a flaw in their global spying campaign.
I don’t have enough space to go into detail, but suffice to say that Heartbleed affects the very core of the internet security protocols that many sites rely on.
Unfortunately there was not much that a regular user could have done about it, but now that we know about the flaw we can take some proactive steps towards protecting ourselves in the future.
At this point, most of the major sites have updated their security and are no longer susceptible to Heartbleed, but that does not mean your data is safe.
It is very possible that emails and passwords were compromised before the fix took place, so one needs to change the passwords of any site that you feel holds personal or sensitive information. A huge pain for those of us with accounts across the web, but better safe than sorry.
In light of this, it is now the perfect time to invest in a ‘password manager’ for your device. These nifty programmes make the managing of multiple passwords much easier, as well as helping make them more secure. I would highly recommend taking the time to try out ‘LastPass’ or ‘RoboForm’. They can be a little bit of a mission to set up, but the security and convenience they provide is well worth it.
As online fraud gets worse we need to rely more and more on ourselves, and less on the companies we use, to protect ourselves. This lesson will be particularly hard on those are not particularly tech savvy, but if my 64-year-old mother can learn, then so can you!