You’ve probably heard about Heartbleed by now. It’s big, bad wolf of an Internet security problem. And though it’s mainly server managers who have to take steps to fix it, you can manage your passwords to help protect yourself.

The strangest thing about Heartbleed is that changing your password on a particular site only gives you more protection if that site has already applied to the Heartbleed patch and resolved its vulnerability. If it hasn’t, changing your password in advance could theoretically put you at greater risk. Heartbleed is a vulnerability in a server’s memory (RAM), not its data storage, so a hacker has access to things that are being called up by the server not everything that’s stored on it. That means that the hacker could ascertain your new password, too.

Lists, which are being frequently updated, can tell you which websites are vulnerable and which have been patched. Once a site is no longer vulnerable, it’s time to change your password. You’re going to have to do this on a lot of sites, so this is the perfect time so start using a password manager.

A password manager helps you generate random, strong passwords so you don’t have to think of them yourself. Then it stores your login information for every site you use, autofilling a password whenever you need one. You don’t need to know or remember your passwords, because they’re all stored and protected behind one master password that you make extremely strong and unguessable. I use 1Password, and my master password is a fairly long sentence (without spaces) that includes alternate spellings, numbers in place of certain letters, and punctuation.

Read the Full Article: Source – Slate
http://www.slate.com/blogs/future_tense/2014/04/10/password_managers_can_protect_you_from_vulnerabilities_like_heartbleed.html

source not found