Yahoo! sent an email yesterday indicating that because of the Heartbleed vulnerability, my account was being locked and I needed to go through a process to change my password. I am a heavy Flickr user so this required a response. I was initially skeptical because of the built in form, but I then tried to connect directly to Flickr and found that I was indeed blocked and the same form appeared. Changing passwords is a hassle. I explore so many services using so many devices that any adjustment even for one account requires considerable effort. I am guessing I will have to now update a dozen devices (phone, ipads, desktops, laptops) in order to access my Flickr account. I know, I know – I should be a model of sound security practices. I also should not complain for what my son refers to as a “first world problem” and appreciate I have this number of devices. Still …
I do use multiple passwords limiting the damage I would experience should one of my passwords become known. My Google resources are protected by two-factor authentication (I receive a passcode on my phone when I attempt to connect from a different machine, a different location and some other unknown situations I have yet to figure out). I also understand there are ways to use a one password system that controls multiple passwords for individual accounts, but these systems scare me and I am afraid to place all of my accounts under the control of a single company.
Anyway, there is a way to check for the Heartbleed vulnerability – https://lastpass.com/heartbleed/ (lastpass is a provider one of the one password solutions I describe above). I tried the technique on a server I use and discovered the following:
Time to make some more changes.
You must be logged in to post a comment.