Protect Your Computer from Heartbleed - Change Passwords and get a Password Logbook
Many well-known and major websites have been hit by the HeartBleed security weakness.
Passwords need to be changed and, if necessary, strengthened. This means a lot of deleting of old passwords, and noting down the new ones.
This would be a good time to gather your passwords from wherever you keep them, which might be scattered all over the place, or might be on several sheets of paper neatly clipped together, or in a password-keeper secure programme.
Are they in alphabetical order, or are they a bit tricky to find?
Maybe you are one of those geniuses who can keep all their passwords in their head, and maybe you are not. Perhaps you have a formula for setting your passwords, or perhaps you just choose random letters, numbers and possibly symbols. Some people have only a few passwords, and others, like me, have about 200, because I'm always signing up to new shopping sites, social sites, blogs and forums - you name it, I'm bound to be interested in it.
Now is the time to change your organizational methods, and this Personal Internet Address and Password Log Book will help you to get everything in place.
I've just bought one myself, and over the past few days, due to that wretched Heartbleed security weakness, I have been busily updating my passwords and noting all the log-in details in my Password Log Book. I've started with the websites which have had a known security weakness, and which have confirmed publicly that they have fixed it with a patch. Not all websites are affected but the awful thing is that this security breach has been happening stealthily for the past two years, and is only now being discovered.
A word of warning - there's no point in changing your passwords too soon -
The common wisdom is that if the website hasn't yet been fixed by a patch, your new password will be as insecure as your old one. But as soon as a patch is announced, you should make sure that you change your password as soon as possible, and make it a strong one - this means a combination of 10-16 letters, numbers and possibly symbols, in an order which would be hard to guess, possibly using a secret code, mnemonics or sequence of letters which do not make a proper word. So "Password1234" is out and "lpo5gm78Hlp2J" is in.
Just bite the bullet and get on with it. It's not going to be pleasant, but this little log book will help you. It has pages listed alphabetically, and headings for the Website Title, URL, User Name, Password and a space for Notes. Then at the back of the book there is a section for information about your computer, and finally a few blank pages headed Notes. It's small enough to fit in your purse or pocket.
Here are some links to some good articles about Heartbleed:
The following are websites which have patched the security weakness, and whose passwords you now need to change as soon as possible:
- Google and Google+
- Yahoo and Yahoo Mail
- G Mail
- YouTube (linked to Google)
And here are some alternative Password Log Books:
This one is similar to the one described above, but, being plain black, it's very low profile and easy to keep from prying eyes
While you're at it, why not get this instruction book to leave with your will so family or executors can find your Pin Numbers, Keys and Important Documents, not to mention your accrued earnings on Squidoo, Amazon and Paypal, your Bank Details and Financial Information, as well as general instructions such as advance health directives, and what to do with your pets.
Here are some YouTube Videos to explain more about the Heartbleed Encryption Bug and how to change your password on some of the more common websites, especially those relating to email accounts:
Don't forget to choose strong passwords, and make sure you have written them down and kept them somewhere safe from prying eyes
Have you Done What is Necessary to Protect Your Passwords and Privacy? And Has this Web Page Been of Any Help to You? Do leave your comments here on my Guestbook.
If you know of any further websites which have been compromised by Heartbleed but which have now been fixed with a patch, please tell us about it here.