# Important Note: The Heartbleed Hit List: The Passwords You Need to Change Right Now



## Bob Hubbard (Apr 10, 2014)

In case you've missed the gazillions of notices all over the place, there's a -major- as in "oh ****" major security issue going around. A lot of sites have been effected, major sites.

This link gives you some information on who, what, where, etc.
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Here's the short version: Go change your password.
Which password?

All. Of. Them.

This bugs been out for 2 years. There's no way to know who was effected or not. So change your password at your bank, your email, Facebook, even here.


Something else: Don't use the same password on each site.

If you can, mix in letters, upper case, lower case, numbers, and characters.

Be smart, be safe, and please, change those passwords.


----------



## Bob Hubbard (Apr 10, 2014)

> The best way to protect yourself against the Heartbleed bug is to not  only update your important passwords, but to also make sure you're  choosing strong passwords that can't be easily discovered. Here are some  tips and tricks to help you create reliable passwords that are  impossible to guess.



http://www.entrepreneur.com/article/232957


----------



## Xue Sheng (Apr 10, 2014)

Yes you should change your passwords, but before you change the password on any site make sure it has been patched. Changing it on an unpatched site does you no good. There is a link I have at my office to check sites and if I am allowed to give it out I will post it here


----------



## Xue Sheng (Apr 11, 2014)

here is one of the tools


US-CERT Alert (TA14-098A) - OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)


----------

