May 2014

Heartbleed – What is it? And How Do I Protect Myself?

First, lets begin with some background information written by Aaron Street, featured on the Lawyerist site on April 11, 2014…

So What is Heartbleed?

Lots of websites that require password log-in use an encrypted
connection to your browser, called SSL. You can see this when you go to sites that have an “https” website prefix, as opposed to the normal “http” prefix-the “s” means they’re using encryption to protect the data sent between you and that website.

One version of SSL is an open-source software called “OpenSSL”. For the past two years, the OpenSSL software has had an unknown bug in its code that could have allowed people to see what was supposed to be encrypted data passing between you and the websites using OpenSSL.

“Heartbleed” is just the creative name-given by internet security researchers-to identify the software bug in OpenSSL that allowed for this potential encryption leak….

To read the rest of the article which includes our suggestions for password security, click here.