The Daily Item, Sunbury, PA

Daily Blast

April 11, 2014

Protecting your passwords after Heartbleed

NEW YORK — NEW YORK — You’ve probably heard about Heartbleed by now. It’s big, bad wolf of an Internet security problem. And though it’s mainly server managers who have to take steps to fix it, you can manage your passwords to help protect yourself.

The strangest thing about Heartbleed is that changing your password on a particular site only gives you more protection if that site has already applied to the Heartbleed patch and resolved its vulnerability. If it hasn’t, changing your password in advance could theoretically put you at greater risk. Heartbleed is a vulnerability in a server’s memory (RAM), not its data storage, so a hacker has access to things that are being called up by the server not everything that’s stored on it. That means that the hacker could ascertain your new password, too.

Lists, which are being frequently updated, can tell you which websites are vulnerable and which have been patched. Once a site is no longer vulnerable, it’s time to change your password. You’re going to have to do this on a lot of sites, so this is the perfect time so start using a password manager.

A password manager helps you generate random, strong passwords so you don’t have to think of them yourself. Then it stores your login information for every site you use, autofilling a password whenever you need one. You don’t need to know or remember your passwords, because they’re all stored and protected behind one master password that you make extremely strong and unguessable. I use 1Password, and my master password is a fairly long sentence (without spaces) that includes alternate spellings, numbers in place of certain letters, and punctuation.

I’ll admit it. I kind of hate using a password manager. Setting it up is tedious, and it’s a little unsettling to never know any of your passwords. It doesn’t matter so much when you’re on your personal computer and have 1Password (or your password manager of choice) running, but when you’re using someone else’s computer, you have to use a an app to check your password for any site/service you want to log into.

Password managers aren’t about fun, though. They’re about proactively protecting yourself from much more annoying, and potentially detrimental, problems down the line if your personal information gets hijacked. And they do offer a lot of useful features like super secure notes and a password generator. Many even incorporate two-factor authentication, and in our leaky digital world, it’s reassuring to use a service whose only priority is security.

Good options for password managers include LastPass, Dashlane, 1Password, Roboform, SplashID, mSecure, and KeePass. There’s initial effort to get your password library going, but once it’s up and running it won’t get in your way. And it might save you some heartache, if not Heartbleed, sometime.

 

1
Text Only
Daily Blast

Ask Izzy
Pet of the week

Oddly Enough

Going Dutch

Fantasy Front Office
Guess Who
  • Guess Who! Week 29!

    There he was, this 66-year-old grandfather of four, hanging 200 feet above the jungle canopy, under which may have been slithering boa constrictors, Burmese pythons or the odd tarantula. “If I fell down,” this resident of Montour County says, “I’m in there dealing with bugs and snakes and whatever.” His goal earlier this month was to hang on

    Continued ...
    Anonymous The Daily Item Fri, July 18
    Jul 18, 2014 1 Photo
  • Guess Who! Week 28 ID'd!

    1, 2, 3 ... . This Lancaster County native’s job was to count every Allegheny Mountain dusky salamander he saw in every square yard of that expansive swamp off Interstate 79 in Crawford County.

    Continued ...
    Anonymous The Daily Item Mon, July 21
    Jul 18, 2014 1 Photo
  • Guess Who! Week 28! Jul 11, 2014 1 Photo
  • Guess Who! Week 27 ID'd! Jul 11, 2014 1 Photo
  • Guess Who! Week 27! Jul 4, 2014 1 Photo

Headline This! - Contest

Outshoot the Experts! - Contest

Watch This