Heartbleed Bug: How To Protect Your Information Online

An IU computer sciences professor gives advice on how to protect online information from the Heartbleed Bug.

keyboard

Photo: tsmall (flickr)

Heartbleed bug is affecting a majority of websites we use everyday.

Cyber experts are calling the Hearbleed blug, which is threatening the personal information housed on millions of websites, the biggest current internet security threat.

Steve Myers, a professor of computer sciences and informatics at Indiana University, says the bug is not an act of cyber terrorism or hacking, but rather an infrastructure problem in the security code most websites use.

“This is not a virus. This is not malware,” Myers said. “It wasn’t sent out over the internet. This was sort of like a GM recall. We have a whole bunch of systems that have been deployed with something that’s not quite built right and because of that they’re all vulnerable to attack.”

What You Should Be Doing Now

Myers says internet users should not hurry to change their passwords immediately. If you do not know whether your information could have been compromised, you should change you password after taking some precautions.

You can check whether a website is corrupted by the Heartbleed Bug by typing in the URL here. If the website comes up as safe, you can log in and Myers recommends you should then change your password.

Myers says the worst course of action right now is logging on to an insecure site because hackers won’t have access to sensitive information on a site unless you log in.

Good Password Hygiene

Establishing varied, complex passwords and updating them regularly is the only way to safeguard financial and personal information on the internet, according to Myers. Below are his tips for good password “hygiene”.

  • Don’t share passwords across websites.
  • Create different levels of passwords. Banking and financial sites should have complex, unpredictable passwords. Save your common, easy passwords for sites without sensitive information.
  • Your passwords shouldn’t contain a word.
    “So you can do something like create a phrase and take the first and last letter of each word in the phrase and put those all together to create passwords,” Myers said.
    ex: Dead Of Night ddofnt

Myers encourages everyone to take this bug seriously, because at least one online service we all use has been affected by it.

Claire McInerny

Claire McInerny is a reporter/producer for WFIU/WTIU news. She comes to WFIU/WTIU from KCUR in Kansas City. She graduated with a journalism degree from the University of Kansas where she discovered her passion for public media and the stories it tells. You can follow her on Twitter @ClaireMcInerny.

View all posts by this author »

  • Bob Eckert

    Myers should have been advocating “passphrases” which is the standard at IU which are much more secure than passwords, but he might have felt some authentications systems out in the wild would not accept them because IU is further ahead on this type of authentication. Passphrases are the way of the future for typed responses.

  • Pingback: Local businesses struggle to make sense of Heartbleed flaw | Big News

What is RSS? RSS makes it possible to subscribe to a website's updates instead of visiting it by delivering new posts to your RSS reader automatically. Choose to receive some or all of the updates from Indiana Public Media News:

Support For Indiana Public Media Comes From

Search News

Stay Connected

RSS e-mail itunes Facebook Twitter Flickr YouTube

Follow us on Twitter

What is RSS? RSS makes it possible to subscribe to a website's updates instead of visiting it by delivering new posts to your RSS reader automatically. Choose to receive some or all of the updates from Indiana Public Media News:

Recent Technology Stories

Recent Videos

Find Us on Facebook