Protecting Yourself from the Heartbleed Bug
Video: Protecting yourself from the Heartbleed bugLearn how to protect yourself from Heartbleed—the website security flaw that can expose your passwords and other vulnerable data.
Protect yourself from Heartbleed—the web security flaw that can expose your passwords and other vulnerable data you have entered on websites, apps, email, and even chat. In this quick course, Justin Seeley explains what the Heartbleed bug is and what you should do to stay safe, and provides resources for following the latest Heartbleed developments.
Protecting yourself from the Heartbleed bug
Hi there. My name is Justin Seeley and in this movie I'm going to be talking to you about the recently discovered Heartbleed vulnerability and what it means for you and your online security. Now, if you're not familiar with Heartbleed, you might be wondering what is this thing. In simple terms, Heartbleed is a security bug, or a problem, that is affecting web servers for lots of different websites including big ones like Facebook and Google.
This bug can potentially expose sensitive information that you enter into these sites and even apps and services like chat and web based email can be affected as well. In short it's kind of bad and you need to be paying attention to it. Now that I've got your attention, you're probably wondering what can you do to protect yourself? Well, fortunately, your side of the equation is relatively simple. Over the next few weeks, be on the lookout for announcements from various apps or services that you use regularly.
While any security notification is probably important, pay special attention to the messages that reference Heartbleed specifically, especially if they come from a financial institution or an online retailer where you store sensitive information like credit cards or social security numbers. Everybody is scrambling to fix this bug on their site right now, and once they send you a message telling you they fixed it, you need to reset your passwords immediately. Also, if the app or service offers two step verification for logins, you should seriously consider turning that on in my opinion.
Finally, be vigilant over the coming weeks and months. Watch your online banking activity, and your email accounts. If something looks fishy, report it or update your security settings right away. Nobody is going to stand guard for you in this case, so you have to play it safe, and you have to be the watchman. There are already several websites reporting that they've fixed the bugs on their end, and you should probably change your passwords on these services as soon as possible. Those services include Facebook, now if you're not sure how to change your password on Facebook, that's okay.
Just go up to the top right hand corner of your Facebook profile, and then choose Settings. Once you get to the Settings section, you're going to go to the section labeled password, enter in a new password, save the changes, and you're good to go. You might also want to visit the Security tab in your preferences though. And turn on things like login approvals, code generator, or app passwords. These are all just different layers of security that you can add to your Facebook account, to make sure that all of your data is safe and secure.
Instagram. You can log into Instagram directly from you web browser by going to instagram.com. Login using your credentials. And then click here in the top right corner. Choose edit profile and then on the left-hand side, click on change password. Once you do that, you'll be able to enter in a new password, and then click the big green button and you should be all ready to go. Twitter. On Twitter, you're going to log in and then click the gear icon in the top right-hand corner of the website. Then you're going to choose Settings. And in the Settings, you're going to choose Password, over on the left.
Enter in your new password, and then click Save Changes. Google. Now this is a big one. Because Google doesn't just include Google. It includes Google+, YouTube, all of that stuff. Gmail. Everything's included with Google. So this one's really important. Just log into your Gmail account. Then, in the top right hand corner, click on the little avatar. And then, in the fly out menu that comes out, choose Account. Once you get to the Account page, what you're going to do is go to the Security tab. And on the Security tab, you want to go down to the password section, where you can change the password.
And you can also set up two-step verification. Which is just another layer of added security to your account that I highly recommend that you turn on. Finally, Dropbox. If you're anything like me, you store a lot of stuff in Dropbox. In order to change your password for Drop Box, you're going to log into Dropbox.com, click in the top right hand corner, go down to Settings, and then on the Settings page you want to go to the Security tab and then change your password. Dropbox is also another company that offers two step verification, so I highly recommend you turn that on as well.
At first this two step verification thing is going to seem sort of tedious. But, after you realize that it makes you more safe and secure, it's going to be a no-brainer, I think. For a more comprehensive list, check out the chart over on mashable.com, which offers a laundry list of sites, and details if you should be changing your passwords on those sites as well. Ive bookmarked the URL for you. At seeley.co/mashbleed. It's just a shortened URL that I created, making it easier for you to find it. There's also a really awesome infographic floating around online, which was produced by LWG Consulting.
You can view this graphic in its entirety by going to seeley.co/hbleedinfo. Now might also be the time to start thinking about using a password management application. As security concerns continue to rise protecting yourself with secure passwords is never a bad thing. And there are several apps out there that will do that for you. My favorite is One Password. Not only does it help me remember all of my passwords, but it also has a built in password generator feature which makes it easy to create complex secure passwords with very little effort.
It's also available on Windows, Mac, Android and iOS. It's not free but if you ask me, it's worth every penny they charge for it and then some. While Heartbleed isn't something to take lightly, it's not something to completely freak out about either. Just pay close attention to all of your accounts. Take the necessary precautions and be sure to check with all of your service providers to see what they're doing to protect you and your information. The more information you have, the better you can protect yourself.
And hopefully this video has given you some insight on what to do regarding this Heartbleed vulnerability. Thank you for watching.
There are currently no FAQs about Protecting Yourself from the Heartbleed Bug.