Heartbleed & Choosing the Best Password

By now, we’re sure you’ve heard of Heartbleed, the massive OpenSSL security flaw that this threatening more than a sizeable chunk of the Internet. Already we have seen Yahoo! affected with some users losing their passwords.

What should you do? The first thing that springs to mind is change your passwords, which you should but not just yet. Users should wait a day or two before changing passwords until they know for certain that the bug has been fixed. That’s according to Mark Seiden, an independent computer security consultant who was speaking with the New York Times.

“There’s nothing users can do until the web services have made their sites secure,” Mr. Seiden said.

If you change your password immediately, you may very just be feeding a new password into the flaw. You have to wait until the coast is clear. When choosing a password, Seiden recommends a variation of numbers and letters that don’t actually make up a word.

Unfortunately for the time being, users will need to wait on word from the website provider on whether or not they have been affected by Heartbleed. The security flaw is raising some serious questions over how we protect our data but moreso how the big companies protect data. If just one flaw can cause this much havoc, what does that say about the security practices of these companies?

For now, be particularly vigilant with your online accounts (which you should always be anyway) and keep an eye out for more updates as they come in. We here at VPN Creative will have all the news once it happens.

We’re also curious hear from Yahoo users that were affected by Heartbleed. Let us know your thoughts and complaints in the comment section below.