Why is everyone talking about changing online passwords?

The image to the left really depicts my feelings about Valentine’s Day.  However, it’s the visual that is used to describe a ‘bug’, discovered earlier this week, that affected most websites.    The simplest thing to say is:  change your passwords.

This particular ‘bug’ allowed hackers to get user names and passwords and no one really knows the degree of the compromise.  Websites and server companies are rebooting servers and applying ‘patches’ now.  So, before changing your password on a site, check here to make sure the site has been repaired.

Heartbleed explained (kindergarten version):  Think of the data transferred between websites and computers all over the world like a power line or a water pipe.  Those lines and pipes are generally protected by a thick outer coating (for data that thick outer layer is computer code).  Programmers found a small “hole” in that outer layer and have now written computer code that can be applied to cover and protect that “hole” – it’s called a patch.  However, for the two years that the small hole existed, hackers could enter that stream of data and capture information or in the example of the water pipe — water (your user name and password) slowly trickled out.

As painful as it is, Heartbleed is an excuse to make yourself more secure and organized with your online ‘life’. Honestly, it’s the most important spring cleaning you can do this year.   Here are some things to consider and ways to organize yourself online.

(1) How often do you use Facebook to login to other sites?  However, FB never prompts you to change your password.    Solution:  use your FB login but create a calendar reminder to change that password monthly.

(2) Use a password consolidator like LastPass.  This company allows you to have one password to a LastPass account and then different, highly unique passwords to all of your other accounts.   The software can be downloaded for free on your computer and then for $12/year for the premium service (which allows for mobile apps to work with LastPass).

(3) If you use a public computer or device, NEVER NEVER NEVER leave without logging out.   And, if you do accidentally, change the password as soon as your login elsewhere.

(3)  Do you use the same password for multiple sites?   As nice as it is to have one to remember, you just cannot afford to operate your online life casually.  I love to use a password generator site to help me create new, unique passwords.  It thinks for me! 

What a pain, really, I know!   Spend a little time with LastPass or another password service, the upfront time will save you time in the future.