heartbbleed-changeyourpassword

merke · April 22, 2014, 2:53pm

yes, it is serious ; https cloud site has asked to me this morning to change my password

ad18 · April 22, 2014, 7:53pm

If the site tells you to change your password then you should probably do it. Just watch out for any scam emails with links to change your password. I heard there are some of those emails going around.

merke · April 22, 2014, 9:07pm

scam email : sure you are right !

let’s watch out !

jhkmaster_b · April 23, 2014, 12:16am

Make sure there is information about changing passwords on any official announcement on the website.
Generally announcement brings information and confirm that the site administrators mitigated the vulnerability.
If in doubt contact the service for more information.

Many emails circulating today asking you to update information, passwords can be traps to gain unauthorized access or theft of information.

:-La Use complex and unique passwords for each online service, and updates them in considerable intervals reduces the risk of compromised passwords.

:P0l And being attentive to requests by strangers or links that were not requested.

merke · April 23, 2014, 12:44am

And being attentive to requests by strangers or links that were not requested.
you are right jhkmaster_b

why not a white list of updated site ?
duckduckgo updated : yes
ixquick updated : yes
startpage updated : yes
copy updated : yes | ask to change the password : yes
startmail updated : yes | ask to change the password : yes
mega updated : ? | ask to change the password : ?
If in doubt contact the service for more information.
https://lastpass.com/heartbleed/

do not forget the updated version of tap-windows

jhkmaster_b · April 23, 2014, 1:07am

Now there’s an easy way to flag sites vulnerable to Heartbleed (Ars Technica)

I use Netcraft Extension, it protects Phishing attacks, checks whether the site has “Perfect Forward Secrecy (PFS)” and you can see if the site was affected by Heartbleed.

Netcraft Extension
http://toolbar.netcraft.com/

The Heartbleed Hit List

List of Most Popular Websites affected by Heartbleed
http://hackersnewsbulletin.com/2014/04/list-popular-websites-affected-heartbleed-biggest-security-breach-change-password-now.html

merke · April 23, 2014, 1:42am

Thx jhkmaster_b.

merke · April 23, 2014, 2:10am

mega : not affected /not using openssl | use Perfect Forward Secrecy encryption end-to-end
Thx to Mark1 for having discovered this perfect service.