Learn how to protect yourself from Heartbleed—the website security flaw that can expose your passwords and other vulnerable data.
- [Voiceover] Hi there. My name is Justin Seeley, and in this movie, I'm going to be talking to you about the recently discovered Heartbleed vulnerability, and what it means for you and your online security. Now if you're not familiar with Heartbleed, you might be wondering, what is this thing? In simple terms, Heartbleed is a security bug, or a problem that is affecting web servers for lots of different websites, including big ones, like Facebook and Google. This bug can potentially expose sensitive information that you enter into these sites, and even apps in services like chat, and web-based email can be affected, as well.
In short, it's bad, and you need to be paying attention to it. Now that I've got your attention, you're probably wondering what can you do to protect yourself. Well fortunately, your side of the equation is relatively simple. Over the next few weeks, be on the lookout for announcements from various apps or services that you use regularly. While, any security notification is probably important. Pay special attention to the messages that reference Heartbleed, specifically, especially if they come from a financial institution, or an online retailer, where you store sensitive information, like credit cards or social security numbers.
Everybody is scrambling to fix this bug on their site right now, and once they send you a message telling you that they fixed it, you need to reset your passwords immediately. Also, if the app or service offers 2-step verification for logins, you should seriously consider turning that on, in my opinion. Finally, be vigilant over the coming weeks, and months. Watch your online banking activity, and your email accounts. If something looks fishy, report it, or update your security settings right away.
Nobody is going to stand guard for you in this case, so you have to play it safe, and you have to be the watchman. There are already several websites reporting that they've fixed the bugs on their end, and you should probably change your passwords on these services as soon as possible. Those services include Facebook. Now if you're not sure how to change your password on Facebook, that's okay. Just go up to the top right hand corner of your Facebook profile, and then choose Settings. Once you get to the Settings section, you're going to go to the section labeled Password, enter in a new password, save the changes, and you're good to go.
You might also want to visit the security tab in your preferences though, and turn on things like login approvals, code generator, or app passwords. These are all just different layers of security that you can add to your Facebook account to make sure that all of your data is safe and secure. Instagram. You can login to Instagram directly from your web browser by going to instragram.com. Login using your credentials, and then click here in the top right corner. Choose Edit Profile, and then on the left hand side, click on change password.
Once you do that, you'll be able to enter in a new password, and then click the big green button, and you should be all ready to go. Twitter. On Twitter, you're going to login, and then click the gear icon in the top right hand corner of the website. Then you're going to choose Settings, and in the settings, you're going to choose Password, over on the left. Enter in your new password, and then click Save Changes. Google. Now this is a big one, because Google just doesn't include Google, it included Google+, YouTube, all of that stuff.
Gmail, everything's included with Google, so this one's really important. Just login to your Gmail account, then in the top right hand corner, click on the little Avatar, and then in the fly-out menu that comes out, choose Account. Once you get to the Account page, what you're going to do is go to the Security tab, and on the Security tab, you want to go down to the Password section, where you can change the password, and you can also set up 2-Step Verification, which is just another layer of added security to your account that I highly recommend that you turn on.
Finally, Dropbox. If you're anything like me, you store a lot of stuff in Dropbox. In order to change your password for Dropbox, you're going to login to Dropbox.com, click in the top right hand corner, go down to Settings, and then on the settings page, you want to go to the Security tab, and then change your password. Dropbox is also another company that offers 2-step verification, so I highly recommend you turn that on, as well. At first, this 2-step verification thing is going to seem tedious, but after you realize that it make you more safe and secure, it's going to be a no-brainer, I think.
For a more comprehensive list, check out the chart over on mashable.com, which offers a laundry list of sites and details if you should be changing your password on all of those sites as well. I've bookmarked the URL for you at http://seeley.co/mashbleed. It's just a shortened URL that I created, making it easier for you to find it. There's also a really awesome infographic floating around online, which was produced by LWG Consulting. You can view this graphic in its entirety, by going to Seeley.co./hbleedinfo.
Now might also be the time to start thinking about using a password management application. As security concerns continue to rise, protecting yourself with secure passwords is never bad thing, and there are several apps out there that will do that for you. My favorite is 1Password, not only does it help me remember all of my passwords, but it also has a built-in password generator feature, which makes it easy to create complex, secure passwords, with very little effort. It's also available on Windows, Mac, Android, and iOS.
It's not free, but if you ask me, it's worth every penny they charge for it, and then some. While Heartbleed isn't something to take lightly, it's not something to completely freak out about either. Just pay close attention to all or your accounts, take the necessary precautions, and be sure to check with all of your service providers, to see what they're doing to protect you, and your information. The more information you have, the better you can protect yourself, and hopefully this video has given you some insight on what to do regarding this Heartbleed vulnerability.
Thank you for watching.