Screen Shot 2014-04-10 at 12.43.37

A major vulnerability called the Heartbleed bug has been discovered in OpenSSL software that’s used on many of the web’s most popular sites. OpenSSL is the system built to encrypt passwords and other sensitive information on websites. The Heartbleed bug can reveal the contents of a server’s memory, where the most sensitive of data is stored.  This bug has affected many popular websites, including Twitter, Yahoo!, Gmail and Facebook. The bug was identified by a security firm called Codenomicon, which published its details online.

“Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL,” reads the webpage devoted to explaining the bug.

If you change your password before a site puts up a patch, then you need to change it again afterwards. Mashable put up a list of popular websites that are affected by this, and the ones who have patched it up. You can also use this tool to check if a website is affected. Besides checking to make sure websites are secure, you should also keep an eye out for statements from your most visited websites. Some security experts also recommend that you should wait a few days before visiting websites that hold sensitive information, such as logging into your banking accounts.

Two of the most used password in the world are “123456″ and “password”. If you do this, then you are just asking to get hacked. Here are a few tips on creating new, better passwords:

  • Avoid using the same password for multiple websites.

  • Make your passwords at least 8 characters, using a mix of numbers and letters.

  • Avoid complete words.

  • Change your password often, ideally several times a year.

There’s a little trick you can use, too. Pick a short sentence that’s easy for you to remember – for example something that describes you. Then, pick the first letter from every word in that phrase to create your unique passwords. For example, if the sentence is: “I became the Rock Paper Scissors world champion in 2005″. The password would then be “IbtRPSwci2″.

A good way to manage your passwords is with the LastPass extension. This tool gives you the ability to record all your passwords in a single, strongly encrypted location. After you’ve set it all up, you only need to remember a single password. You can download LastPass here.

Back to top
  • Brandon Frohs

    “I became the Rock Paper Scissors world champion in 2005.” would be a much better password than “IbtRPSwci2”, both in terms of being easier to remember and being more secure. Mind you, not all sites/apps will allow all of these characters in passwords, but they *should*.

  • Frenzie

    Does this only affect websites or also browsers like Opera 12.16? (Which is still the current version for Linux.)

    • bengtl

      I’m very interested in an answer to this question.

      • Frenzie

        Having since looked at the website in more detail, I think the answer is that connecting to an affected website with an affected browser (Opera 12.16?) is worse:

        “Furthermore you might have client side software on your computer that could expose the data from your computer if you connect to compromised services.”

  • Chas4

    Very good advice :knight:

  • I think it is the worst nightmare for sysadmin in this year.
    Let’s patch and patch!

  • kemp

    i use opera many years,i think it’s safety to response this –by

  • nemrof
  • I know it has nothing to do with the post, but … Why Opera for iPhone is so outdated? When we have an update? We want the features present in other platforms!

  • Seona

    Is this feature not implemented in Opera yet?

  • onlinechocolate

    the flavor of love on Mother’s Day with this gift of amazing chocolates and see the joy it brings to the life of your loving
    mother. Send chocolates to India
    and pamper your loving mother on this
    special day.

  • MoritzM

    I start browsing often with a search. I don’t understand why opera does not allow me in the present version to make StartPage to my standard preferred Search Engine. This is (nearly) as god as google (see last German computer magazine Chip), excellent support of privacy (European), SSL, and without the heardbleed bug. I really don’t understand operas intent why they keeping here users in leading-strings.

  • toplu SMS in en iyi adresi turkey