October 22, 2014

Protecting yourself from ‘Heartbleed’

An exploit in a popular piece of online software should have many people thinking about changing their passwords. It’s known as ‘Heartbleed‘ and it’s essentially a back-door in a popular software encryption program that can be used to view encrypted data on computer servers, such as user names and passwords.

Many companies have moved quickly to patch the code since the problem was discovered earlier this week, but there are likely several services out there that might be slow to respond. Nick Davis, an Information Security Architect with the UW-Madison, says that could sensitive data at risk, if businesses have failed to patch the bug.

So far, there’s no evidence the security hole has been exploited, but Davis says it’s a good reminder for people to change their online passwords. He says people should doing that anyway every month or so, even if there’s currently no threat out there.

Davis also suggests getting in the habit of logging in to online accounts at least once a day to check for any unusual activity. While banks and other financial institutions have improved their methods of watching for online identity theft, spotting a problem quickly can make a big difference in minimizing the damage.