Apr 23 2014

After Heartbleed, Should You Change Your Passwords?

It might be time to reset login credentials if you use some major services on the web.

The web's largest entities are reeling from the Heartbleed Bug, in what’s being called one of the most widespread online security vulnerabilities ever.

Not every site that requires a user to log in has been affected, but now is a good time to protect yourself with a password refresh.

The security bug exposes data at hundreds of thousands of websites, including Google, Amazon, Yahoo, Facebook and Netflix — sites that are activity hubs for students. A security breach at some of these sites could open the door to a wider breach, including identity fraud and stolen credit card numbers and consumer information.

Sites that rely on OpenSSL encryption to safeguard information have been exposed to Heartbleed, according to The New York Times. Financial institutions appear to have dodged the bullet, as have other sites such as LinkedIn, AOL and Outlook. But several colleges, including Dartmouth and Western Carolina University, have advised students to change their passwords and are actively working on fixes, according to Bloomberg.

This chart from LWG Consulting, a forensics engineering and discovery firm, helps identify what information is at stake for users of major web services, and where to get started on updating passwords.

Heartbleed Infographic