One of the major security flaws that are making news these days is Heartbleed bug. Several hundred websites are believed to have been affected. The bug is so severe that it has a website of its own outlining all aspects of the problem and it is Heartbleed.com.
What is Heartbleed Bug?
Heartbleed is the pet name given to a bug in the form of security software which almost all the sites with high security use on the internet. It is actually an error in a software package called OpenSSL which is used broadly for a secure connection between the user and the service by shops, banks, email providers and many other services. This is done in order to protect all other information handle by server.
Heartbug is making the life of hackers or cyber criminals so easy that they can get access to private encryption key for stealing the data. This reveals the undisclosed keys used to recognize the service providers and to encrypt the user details like traffic, the name and passwords. The attacker gets the liberty to decrypt any past and future traffic at will. Bearing in mind the long exposure, ease of misuse and attacks leaving no trace this problem should be taken seriously.
What can be done as a Preventive Measure?
Don’t be evident
Don’t choose easy passwords related to you such as your address, date of birth or your name. It is quite easy to find a lot of information about you online and attackers can easily misuse it.
Always use long words and underscores in your security code
It is safe to use long words or combination of words along with underscores for a phrase which is easy to remember.
Always use combinations
Never just use the alphabet as security code. Try to make combination of upper and lowercase letters, numbers and symbols within words.
Keep Recovery Options Set
Set up password recovery options and keep updating them continuously. In case you fail to recall your password or get locked out by a cyber-criminal, many services facilitate you to send an email response to your preset recovery email address. But make sure to keep this email address up to date and if service allows, add a contact number also as an alternative.
Mix it up over websites
Don’t use the same passwords for all email, banking and other significant websites to avoid identity theft in case password is compromised.
Remember In your head
Do not write down passwords – someone may steal your list. Rather try to remember it or store all passwords on your mobile phone and use just one strong password to access.
Out and about
Avoid using public computers like Internet café, library or the shared computer to enter your password. Since you don’t control those computers, there are chances that they may have malware installed which can steal your password. Also, uncheck the ‘Remember this password?’ box on a computer you don’t own.